The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.

Why CERT-In is warning startups and IT firms about ‘Shai-Hulud,’ a Dune-inspired malware

India’s cybersecurity agency warns of a fast-spreading npm supply chain worm, urging startups and ITes firms to secure ...

Unofficial Postmark MCP npm silently stole users' emails

A npm package copying the official 'postmark-mcp' project on GitHub turned bad with the latest update that added a single ...

Microsoft Edge to block malicious sideloaded extensions

Microsoft is planning to introduce a new Edge security feature that will protect users against malicious extensions ...