FRIDAY, JUNE 26, 2026 48° E  /  GLOBAL TECH · SUMMARISED SUBSCRIBE
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 1h ago

Miasma campaign poisons 20+ npm packages, targets developer secrets

By Meridian48 News Desk · Summarised from The Register ·

Microsoft uncovered a supply chain attack dubbed Miasma that infected over 20 npm packages, including Leo Platform and RStreams. The malicious code harvests credentials and targets additional package maintainers. Developers are urged to audit their dependencies and rotate any exposed secrets.

Meridian48 take
The attack underscores the persistent vulnerability of open-source ecosystems, where trust in maintainers can be weaponized to compromise downstream users.
Read the full reporting
Miasma campaign poisons 20-plus npm packages, hunts for developer secrets →
The Register
supply-chain-attacknpm
More security briefs
Security

Robinhood Revamps Access Approvals for Faster Developer Workflows

Dark Reading · 15h ago
Security

CISA Flags Actively Exploited PTC Windchill RCE Bug

The Hacker News · 1h ago
Security

Linux 'pedit COW' Exploit Grants Root via Cache Poisoning

The Hacker News · 1h ago
Go deeper on security
AllAIStartupsBusinessDevicesPolicySecurityDev ToolsPakistan