News

SecurityWeek15h

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack

The popular Nx build system, boasting 4 million downloads each week, was exploited in the first supply chain breach to use AI assistants.

Using CodeQL to detect client-side vulnerabilities in web applications

GitHub’s CodeQL is a robust query language originally developed by Semmle that allows you to look for vulnerabilities in the ...

YouTube TV reaches 'short-term extension' in dispute with Fox, warding off immediate disruptions

YouTube TV has reached a short-term extension in its contract dispute with Fox. This means subscribers won't face immediate ...

Rick Barnes signs a lifetime contract keeping him as Tennessee’s coach

Tennessee wants to make sure Rick Barnes stays with the Volunteers as long as he wants to coach the men’s basketball team.
Infosecurity Magazine13h

Malicious VS Code Extensions Exploit Name Reuse Loophole

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages ...
The Hacker News15h

Malicious Nx Packages in 's1ngularity' Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.
InfoWorld10h

Wave of npm supply chain attacks exposes thousands of enterprise developer credentials

Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.
Opinion
The Indiana Lawyer10hOpinion

Opinions August 28, 2025

Indiana Court of Appeals City of New Albany v. Ecosystems Connections, LLC, and the Indiana Department of Natural Resources 24A-PL-2969 Civil plenary. Affirms the Floyd Superior Court’s order that ...