BAAACK » TechCrunch » Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

× Share this Article

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

May 19, 2026 Lorenzo Franceschi-Bicchierai

Share this Article

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.

The minimalist Light Phone teams up with Andrew Yang’s Noble Mobile, which pays you to stop doomscrolling

"The Light Phone is designed to be used as little as possible," founder Joe Hollier told TechCrunch.

US cyber agency CISA exposed reams of passwords and cloud keys to the open web

The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repo...

Most Recent Articles

How to turn off AI in your Google Docs

Here's what you need to do to get those pesky "write with Gemini" pop-ups to go away.

Read Article

AI is hurting Apple in more ways than one: it may force iPhone price increases

CEO Tim Cook said in a recent interview that the situation is "unsustainable."

Read Article

Chi-Hua Chien saw Facebook coming — now he says the real AI winners won’t be selling AI

Chi-Hua Chien has spent more than two decades as a venture capitalist, but he thinks like a cultural anthropologist.

Read Article

Roelof Botha joins SpaceX’s board of directors

The former Sequoia Capital leader is filling an "existing vacancy" on SpaceX's board, days after the company went public in the largest IPO ever.

Read Article

After unveiling ridiculously expensive AR glasses, Snap’s stock takes a dive

Snap's long-awaited smart glasses debut hasn't exactly done wonders for the company's stock.

Read Article

NEA’s Tiffany Luck says enterprises are still figuring out their AI ROI

Tokenmaxxing was the hottest trend in Silicon Valley earlier this year, with CEOs encouraging employees to push AI usage as far as it would go. Then the bill came due. Uber reportedly blew through...

Read Article

FTC lawsuit reveals how subscription scam networks evade app store enforcement

A new FTC lawsuit reveals how sophisticated subscription app operators can allegedly use shell companies and payment infrastructure to stay active on app stores despite mounting consumer complaints.

Read Article

World leaders want American AI. They just don’t want America to be able to turn it off.

French President Macron and Indian PM Modi raised alarms at the G7 summit that the U.S. could cut off access to American AI overnight — a fear the Anthropic blackout just made real.

Read Article

Anthropic becomes first AI startup to join the Frontier carbon removal coalition

Anthropic has joined the Frontier coalition, which received another $915M in pledges to fund carbon removal projects.

Read Article

Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world

An alleged Russian-speaking group of cybercriminals is reportedly compromising and targeting several major companies that use Fortinet Firewalls and VPNs through previously known passwords.

Read Article

Social media’s next evolution: user-controlled algorithms

Social media feeds are becoming more customizable as platforms like Threads, Instagram, and TikTok introduce tools that let users directly influence the algorithms powering their recommendations.

Read Article

World model maker Odyssey nabs $1.45B valuation backed by Amazon and other big names

World models are the next big thing in AI beyond LLMs and, with this round, Odyssey has cemented itself as one of the startups to watch.

Read Article

Mastodon looks to newsletters to help revive the open social web

Mastodon’s newly launched newsletter feature lets anyone subscribe to creators by email, even without a Mastodon account.

Read Article

Only 16 percent of Americans think AI will have a positive impact on society, a new study shows

Although Wall Street loves AI, every day Americans are significantly less optimistic about the industry, a new report from Pew Research shows.

Read Article

Two Stanford grads raise $11M to build a noninvasive wearable for hormone tracking

Clair Health will track inflammation and bloating markers, energy levels, and cycle phase classification to give insights into cycle irregularities and perimenopause, as well as hormonal...

Read Article

Google bets on Gemini to reinvent the smart home speaker

Google is betting generative AI can breathe new life into the smart speaker. The company's new $99.99 Google Home Speaker replaces the rigid commands of the Google Assistant era with more...

Read Article

PayPal Ventures shutters as company restructuring continues

The corporate venture arm ends after 10 years and 80 investments.

Read Article

The slowtech revolution is here to kill your phone addiction and rescue your attention span

“People just really want to take back control of their time, their lives, their attention... They’re down for whatever helps them do that.”

Read Article

Collecting robot training data is dirty, unglamorous work. Some AI labs are already paying XDOF to do it.

If physical AI is going to match the accomplishments of LLMs, there's a data problem that needs to be solved.

Read Article

Pramaana Labs raises $27M seed round from Khosla Ventures to bring formal verification to AI

Pramaana will focus on highly sensitive verticals like law, drug discovery, and tax preparation — where errors can be costly and reliability is at a premium.

Read Article

Return to Home

Bye!

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

Previous Article

Next Article