CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal ...
The Australian

CFMEU halts work on $12bn tunnel as Victorian government keeps Big Build files secret

The union ordered workers to down tools on Wednesday, citing safety concerns on the toll road site. Industry sources told The Australian the stoppage was ­widely seen as payback against builder John ...