ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...
InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just ...
InfoQ

Cloudflare's Matrix Homeserver Demo Sparks Debate over AI-Generated Code Claims

A Cloudflare blog post claiming a "production-grade" Matrix homeserver on Workers didn't survive community scrutiny. Missing ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
Eau Claire Leader-Telegram

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious ...

ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors increasingly rely on lightweight, stealthy ...