TechTaffy

tech:

taffy

NPM bug allowed attackers to distribute malware as legitimate packages — The Hacker News

By TechTaffy Desk

A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate, writes Ravie Lakshmanan.

Here is the link: https://thehackernews.com/2022/04/npm-bug-allowed-attackers-to-distribute.html

Just in

Around the web

Biden signs TikTok ‘ban’ bill into law, starting the clock for ByteDance to divest it — The Verge

President Joe Biden signed a foreign aid package that includes a bill that would ban TikTok if China-based parent company ByteDance fails to divest the app within a year, writes Lauren Feiner.
IT

IBM to acquire HashiCorp for $6.4B

IBM and HashiCorp have entered into an agreement for IBM to acquire HashiCorp, a provider of infrastructure and security management products, for $6.4 billion.
AI

OpenAI introduces new enterprise features

OpenAI announced new features aimed at enterprise users on Tuesday, at the wake of Meta's recent LLama 3 announcement.
Around the web

Oracle is moving its world headquarters to Nashville to be closer to health-care industry — CNBC

Oracle Chairman Larry Ellison said Tuesday that the company is moving its world headquarters to Nashville, Tennessee, to be closer to a major health-care epicenter, writes Ashley Capoot.
Industry

Square expands offline payments globally

Payment processing company Square has announced the expansion of its offline payments feature to all hardware devices and countries.