Topic
Tech Journalism
Source-verified reporting on cybersecurity, software supply chains, AI, and the engineering impact of technology industry changes.
CybersecurityOpen SourceSupply ChainThreat IntelligenceTechnology Reporting
Suggested reading path
Tech Journalism
Suspected North Korea-Linked npm Malware Disguised as Rollup Polyfills
Six malicious npm packages imitated Rollup polyfills to target credentials on developer workstations and CI systems. Here is how teams should respond.
Tech Journalism
North Korea-Linked PolinRider Campaign Expands Beyond npm to Go and Chrome
The North Korea-linked PolinRider campaign expanded across npm, Go, Packagist, Chrome extensions, GitHub repositories, and developer tools.