SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
The New York Times

Connections: Sports Edition Coach

Welcome to Connections: Sports Edition Coach — a spot to gather clues and discuss (and share) scores. Mark Cooper Connections: Sports Edition today: Hints and answers for June 9, 2026, puzzle No. 624 ...
The New York Times

Connections Companion

Scroll down for hints and conversation about the puzzle for Saturday, June 6, 2026. By New York Times Games Scroll down for hints and conversation about the puzzle for Friday, June 5, 2026. By New ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...