New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

Released Mandelson messages 'embarrassing', says minister, but defends government record

Lord Mandelson called No 10 "beleaguered and bereft" - while minister Pat McFadden said: "Every meeting I have is 'who can we ...
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.

Meet Fabrice Bellard: The French engineer whose code powers YouTube, Netflix and TikTok, yet he has spent 30 years quietly out of the spotlight

Most people can name the founders of Apple, Microsoft, Meta or Tesla. Fabrice Bellard remains largely unknown outside ...
ITWeb on MSN

The Open Group Launches the Open Footprint® Standard, Edition 1.0 to Streamline Scope 1, 2, and 3 Emissions Management

The Open Group Launches the Open Footprint® Standard, Edition 1.0 to Streamline Scope 1, 2, and 3 Emissions ManagementBusiness Wire via ITWeb,SAN FRANCISCO, 02 Jun 2026The Open Group, the ...
The Caledonian-Record

Ragnarok: Twilight Global Official Launching in Europe and North, Central and South America on ...

GRAVITY Co., Ltd. (NasdaqGM: GRVY) (“Gravity” or “Company”), a developer and publisher of online and mobile games, announced that GRAVITY Game Vision, ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...