IT News For Australia Business

Supply chain attack hits 100 million-download Axios npm package

A widely used JavaScript package used with over a hundred million weekly downloads has been compromised in a new supply chain attack to fetch a malware payload for Windows, Linux systems and macOS ...
CNET

YouTube TV Launches a Raft of New Streaming Packages From $55 a Month

Kourtnee covers TV streaming services and home entertainment. She previously worked as an entertainment reporter at Showbiz Cheat Sheet, where she wrote about film, television, music, celebrities and ...
InfoWorld

Beyond NPM: What you need to know about JSR

NPM, the Node Package Manager, hosts millions of packages and serves billions of downloads annually. It has served well over the years but has its shortcomings, including with TypeScript build ...
6abc News

Some retailers offering package protection, but is it worth it?

PHILADELPHIA (WPVI) -- A growing number of retailers are offering consumers a new option when they check out online: order protection, sometimes called package protection. So, what does it cover, and ...
NBC News

UPS is 'disposing of' U.S.-bound packages over customs paperwork problems

Thousands of U.S.-bound packages shipped by UPS are trapped at hubs across the country, unable to clear the maze of new customs requirements imposed by the Trump administration. Subscribe to read this ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
adtmag.com

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The notification arrived on September 14, 2025, at 17:58 UTC. Somewhere in the sprawling npm registry—home to 2.5 million JavaScript packages that power everything from banking apps to smart ...
CoinTelegraph

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
CoinTelegraph

Hackers find new way to hide malware in Ethereum smart contracts

Threat actors have found a new way to deliver malicious software, commands, and links inside Ethereum smart contracts to evade security scans as attacks using code repositories evolve. Cybersecurity ...
Bleeping Computer

NPM package ‘is’ with 2.8M weekly downloads infected devs with malware

The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts ...