Attackers infected all versions with the same credential-stealing malware that, on Wednesday, poisoned multiple npm packages ...

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Most people install an app, grant it a few permissions, and never give its security another thought. But behind the… | ...

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...

Five years of chaos—finally sorted.

With this app, you can reveal hidden files in Finder, clear logs and caches eating your space, batch convert images, and more ...

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...