ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
SecurityWeek

Checkmarx Confirms Data Stolen in Supply Chain Attack

Checkmarx has confirmed that hackers stole data from its GitHub environment one week after hacking it to publish malicious ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
Decrypt

AI Agent Deletes Startup’s Database in 9 Seconds, Founder Says

PocketOS founder Jeremy Crane claims a Cursor agent running Claude Opus wiped production data and backups through a single ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.