The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
Security Boulevard

A Mini Shai-Hulud Targeting the SAP Ecosystem

GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP's Node.js packages — and it's still ...
Ecommerce Fastlane

Shopify’s New Commerce Readiness Tool: A Merchant’s Guide to Reading Your Score and Fixing What Matters

Most stores I have seen in the past 90 days score between 35 and 65 on AI readiness. The tool will tell you where you sit. It will not tell you what to do ...