CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...
ITWeb

HOSTAFRICA acquires zanode.co.za, bringing the AI deployment toolset to SA developers

The acquisition extends HOSTAFRICA’s hosting offering into a developer-first app platform aimed at agencies, software development companies and SaaS teams building for the local market.
The Next Web

10 best ITGC tools and software for automated IT controls in 2026

We compared the best ITGC tools for SOX compliance in 2026, including Scytale, Pathlock, ServiceNow GRC, Workiva, MetricStream, Archer, and more.
Cryptopolitan

Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
SecurityWeek

Over 500 Organizations Hit in Years-Long Phishing Campaign

Operation HookedWing phishing campaign hit aviation, critical infrastructure, energy, logistics, public administration, and ...

The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls

Your security controls aren't failing, they're missing where most of today's work actually happens. Keep Aware shows how ...

eScan Enterprise DLP Closes Critical GitHub Access Control Gap for Organizations

GitHub Team accounts leave enterprises exposed. eScan enforces corporate-only authentication across all GitHub tiers — ...
Ars Technica

GitHub will start charging Copilot users based on their actual AI usage

It's very hard to estimate. Casual User (Personal Use): 5,000 – 15,000 tokens per day Asking 3–5 brief questions, requesting a summary of a short text, or drafting an email. Moderate User (Office / ...

OpenAI debuts GPT-Rosalind, a new limited access model for life sciences, and broader Codex plugin on Github

At its core, GPT-Rosalind is the first in a new series of models optimized for scientific workflows. While previous iterations of GPT excelled at general language tasks, this model is fine-tuned for ...