Tech Times

Floci Tops 10,000 GitHub Stars as Free, MIT-Licensed AWS Emulator Fills LocalStack’s $39/Month Paywall Gap

Thousands of software development teams whose CI/CD pipelines depended on LocalStack’s free community edition lost access to no-cost, no-account AWS emulation on March 23, 2026, when the company ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Dark Reading

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open ...
InfoQ

JEP 533 Tightens Exception Handling in Java's Structured Concurrency for JDK 27

JEP 533, Structured Concurrency, has reached integrated status for JDK 27. It refines exception handling and type safety in ...
Morning Overview on MSN

TeamPCP compromised the CI/CD pipelines behind Trivy, Checkmarx, and LiteLLM — stealing AWS keys from build servers worldwide

Sometime on March 19, 2026, a poisoned version of the open-source security scanner Trivy slipped into automated build ...