Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

I built a coding tutor that won't let me cheat my way through it. Here's the prompt.

Every time a developer types npm install, they are placing a bet that the package they are pulling into their project is not ...

A threat group planted a malicious npm package in a crypto trading project through an AI-generated commit by Anthropic's ...

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

TypeScript 7 Beta is here, bringing native execution speed and shared-memory parallelism to Visual Studio. Experience a 10x speed boost and snappier IntelliSense today.

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.