Red Hat hit by npm supply‑chain attack - here's how to stay safe

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...
The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...
GitHub

Foundation runtime type infrastructure for JavaScript. A monorepo of four small, focused packages providing cross-realm type detection, function introspection, type identity ...

All packages share the same runtime floor: Chrome 80+, Firefox 74+, Safari 13.1+, Edge 80+, Node 22+. See the browserslist field in each package's package.json. Pre-release. APIs are being designed; ...
SecurityWeek

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched GCP flaw enables takeover.
LinkedIn

Kubernetes Namespaces: The Ultimate Guide

As you start to build more services on top of Kubernetes, simple tasks can start to get complicated. If you have thousands of Pods, just listing them all takes time, and preventing naming conflicts ...