SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Entire Claude Code CLI source code leaks thanks to exposed map file

Early this morning, Anthropic published version 2.1.88 of Claude Code npm package—but it was quickly discovered that package ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
Visual Studio Magazine

TypeScript 6.0 Ships as Final JavaScript-Based Release, Clears Path for Go-Native 7.0

Microsoft released TypeScript 6.0 on March 23, the last version built on the original JavaScript codebase, with three post-RC changes and a wave of deprecations designed to ready codebases for the ...
The Daily Mirror

Allianz Lanka strengthens industry collaboration through CRIB Insurance Data Repository Agreement

Allianz Lanka has taken an important step forward in strengthening industry-wide data governance and risk intelligence by joining the national Insurance Data Repository initiative. The company ...
The Independent

DOGE staffer had ‘God-level’ Social Security access and expected Trump’s pardon, whistleblower says

A former employee with the so-called Department of Government Efficiency allegedly claimed he tapped into two sensitive Social Security Administration databases and intended to share the information ...
insider.si.edu

Smithsonian Open Access

Welcome to Smithsonian Open Access, where you can download, share, and reuse millions of the Smithsonian’s images—right now, without asking. With new platforms and tools, you have easier access to ...