Security NEXT

「Node.js」に12件の脆弱性 - 修正版を公開

「Node.js」に複数の脆弱性が判明し、開発チームは現地時間2026年6月18日にセキュリティアップデート「Node.js 26.3.1」「同24.17.0」「同22.23.0」をリリースした。
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...
CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
MSN による配信

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Follow ZDNET: Add us as a preferred source on Google. Red Hat was the victim of an npm security breach. The company has removed the affected packages. Check whether you use @redhat-cloud-services npm ...

China-Japan relations

Latest news and analysis on China-Japan relations, including trade, investment, the legacy of war in Asia, military tensions ...