Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
SecurityWeek

Hundreds of Internet-Facing VNC Servers Expose ICS/OT

Forescout has identified tens of thousands of exposed RDP and VNC servers that can be mapped to specific industries.
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.