Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Infosecurity Magazine

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes ...