Cybernews

CISA, GitHub take action after massive NPM supply chain compromise

CISA and GitHub have responded to a widespread supply chain attack involving the Shai-Hulud worm compromising over 500 NPM packages.

GitHub is finally tightening up security around npm following multiple attacks

Following a number of recent high-profile attacks and hacking attempts, GitHub has decided to make substantial changes to the ...
SecurityWeek

GitHub Boosting Security in Response to NPM Supply Chain Attacks

In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and ...
The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
GitHub

MatrixSeven/file-transfer-go

MatrixSeven / file-transfer-go Public Notifications You must be signed in to change notification settings Fork 396 Star 3.1k ...
XDA Developers on MSN

I built my own video platform like YouTube by self-hosting this tool

Tired of YouTube’s rules and ads? I built my own video platform with MediaCMS: an open-source, self-hosted, and surprisingly ...
GitHub

Train multi-step agents for real-world tasks using GRPO.

RULER (Relative Universal LLM-Elicited Rewards) eliminates the need for hand-crafted reward functions by using an LLM-as-judge to automatically score agent trajectories. Simply define your task in the ...
Hackaday

This Week In Security: The Shai-Hulud Worm, ShadowLeak, And Inside The Great Firewall

Hardly a week goes by that there isn’t a story to cover about malware getting published to a repository. Last week it was ...