14:I[7693,["2972","static/chunks/2972-5a7e3f0e280f8004.js","4186","static/chunks/app/(main)/tech-news/%5BcategorySlug%5D/page-9a2f18add98e53ef.js"],"default"] 7:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Security — Tech News\",\"description\":\"Cybersecurity, breaches, and privacy incidents\",\"url\":\"https://www.itquestionanswer.com/tech-news/security\"}"}}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://www.itquestionanswer.com\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tech News\",\"item\":\"https://www.itquestionanswer.com/tech-news\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security\",\"item\":\"https://www.itquestionanswer.com/tech-news/security\"}]}"}}],["$","$L14",null,{"category":{"id":"6a0eabe9c6136ba677b649d2","name":"Security","slug":"security","description":"Cybersecurity, breaches, and privacy incidents"},"articles":[{"id":"6a0eac21c6136ba677b64a04","title":"Supply-chain attack hits dozens of popular open-source packages","slug":"supply-chain-attack-open-source-packages","category":"Security","categorySlug":"security","description":"Maintainers urge teams to audit dependencies after malicious releases were detected on npm.","content":"

Incident summary

Security researchers identified typosquatted packages with obfuscated install scripts targeting developer machines.

Mitigation steps

Pin dependency versions
Enable lockfile verification in CI
Rotate secrets if installs occurred after the compromise window

","tags":["security","npm","supply-chain"],"date":"2026-05-17","author":"Muhammad Fareed","image":"/no-image.png","source":"$undefined"}]}]]

Security

Security stories

Supply-chain attack hits dozens of popular open-source packages