TanStack Packages Hit by Sophisticated Supply Chain Attack
A self-propagating worm has torn through the TanStack JavaScript ecosystem, publishing 84 malicious versions across 42 widely used npm packages in a …
Supply Chain
JDownloader Website Hacked — Malicious Installers Served to Windows and Linux Users
JDownloader, one of the most widely used free download managers with millions of users across Windows, macOS, and Linux, had its official website com…
Lightning PyPI Package Compromised in Supply Chain Attack
If you're building, training, or shipping AI models with PyTorch Lightning, check your installed version immediately — two freshly published rele…