Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
GitHub

ramsey/uuid

A PHP library for generating and working with UUIDs. ramsey/uuid is a PHP library for generating and working with universally unique identifiers (UUIDs). This project adheres to a code of conduct. By ...
GitHub

IPinfo PHP Client Library

This is the official PHP client library for the IPinfo.io IP address API, allowing you to look up your own IP address, or get any of the following details for an IP: You'll need an IPinfo API access ...