The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Investopedia

Understanding the Import and Export Price Indexes and Their Impact

Daniel Liberto is a journalist with over 10 years of experience working with publications such as the Financial Times, The Independent, and Investors Chronicle. Robert Kelly is managing director of ...
凤凰网

主流 JavaScript 软件包管理平台 npm 遭供应链投毒攻击

IT之家 5 月 25 日消息,国家网络安全通报中心今日发布预警,称监测发现,全球主流 JavaScript 软件包管理平台 npm 遭“沙虫”(Shai-Hulud)供应链投毒攻击。攻击者攻陷了 npm 官方维护者账户,并在短时间内批量投放大量恶意软件包,涉及 300 余个独立程序包的 600 ...
Times LIVE

Volvo wins approval to keep importing vehicles to US

Volvo Cars, majority owned by China’s Geely Holding, said on Tuesday it received approval from the US government allowing it to continue selling vehicles. In January 2025, former president Joe Biden’s ...
证券时报官方网站

国家网络安全通报中心:主流JavaScript软件包管理平台npm遭供应链投毒 ...

声明:证券时报力求信息真实、准确,文章提及内容仅供参考,不构成实质性投资建议,据此操作风险自担 下载"证券时报"官方APP,或关注官方微信公众号,即可随时了解股市动态,洞察政策信息,把握财富机会。