Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via ...
CSO Online

Shai-Hulud & Co.: The software supply chain as Achilles’ heel

The threat situation in the software supply chain is intensifying. Securing it belongs at the top of the CISO’s agenda.
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
TechCrunch

OpenAI aims to ship its first device in 2026, and it could be earbuds

OpenAI created a lot of hype around hardware last year after it acquired former Apple design head Jony Ive’s startup io. While the company is tight-lipped about the upcoming product, OpenAI Chief ...
blockchain

Very Fast OpenAI Codex Update Promises Major Boost in AI Coding Speed and Efficiency

According to Sam Altman (@sama), a much faster version of OpenAI Codex is coming soon, signaling a significant leap in AI-powered code generation speed and efficiency (source: Twitter, 2026-01-16).
Supply Chain

Indian Government Nixes ‘Ten-Minute’ Delivery Promise

Think fast delivery has reached absurd levels in the U.S.? Give a thought to India, where the government has asked all quick-commerce platforms to drop a "10-minute delivery" promise. According to BBC ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, ...