Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
The Hacker News

npm’s Update to Harden Their Supply Chain, and Points to Consider

In short, npm has taken an important step forward by eliminating permanent tokens and improving defaults. Until short-lived, ...
The New York Times

Senate Passes Spending Package but Partial Shutdown Looms

Spending Package: The Senate passed a bipartisan spending package to fund most of the government and keep the Department of Homeland Security running for two weeks while Democrats and President Trump ...
The Hill

GOP senators open to splitting off DHS funding to pass other key spending bills

A group of Republican senators is open to splitting the Homeland Security appropriations measure off from a six-bill government funding package that needs to pass by Friday to avoid a partial ...
TechCrunch

Tiny startup Arcee AI built a 400B-parameter open source LLM from scratch to best Meta’s Llama

Many in the industry think the winners of the AI model market have already been decided: Big Tech will own it (Google, Meta, Microsoft, a bit of Amazon) along with their model makers of choice, ...
Autoblog

Cadillac CT5-V Blackwing’s New Package Costs as Much as a Small SUV

At $26,995, the CT5-V Blackwing’s new package pushes its price past even the BMW M5. The Deep Ocean Package adds exclusive styling to the CT5-V Blackwing for $26,995. Only 200 units will be available, ...
CoinDesk

Criminal use of crypto spikes after years of steady decline, TRM report says

Criminal actors pulled in $158 billion in digital assets last year, which marked a sudden increase in the value of illicit activity after years of decline, according to a report released by TRM Labs ...
thecyberexpress

Malicious Open Source Software Packages Neared 500,000 in 2025

Malicious open source software packages have become a critical problem threatening the software supply chain. That’s one of the major takeaways of a new report titled “State of the Software Supply ...
Robb Report

Cadillac’s New Styling Package Costs Almost as Much as an Entire Luxury Car

The CT5-V Blackwing Deep Ocean Package is $26,995, on top of the models’s base price of $102,795. Relative to that number, it isn’t so much, but it is considering Cadillac’s not-so-distant past of ...
Business Insider

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

CAMBRIDGE, Mass., Jan. 27, 2026 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Half a dozen vulnerabilities in the JavaScript ecosystem’s leading package managers — including NPM, PNPM, VLT, and Bun — could be exploited to bypass supply chain attack protections, according to ...
Kotaku

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious Defamation’

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...