Trending
My news
Find Feeds
My feeds
Delivery settings
Plans
My earnings

Help
Blog

Follow us on X (twitter)
Follow us on Facebook

Log in

Find more feeds

Mend Leadership Update: Building on Our Momentum for the Next Phase of Growth

follow.it gives you an easy way to subscribe to Mend Leadership Update: Building on Our Momentum for the Next Phase of Growth's news feed! Click on Follow below and we deliver the updates you want via email, phone or you can read them here on the website on your own news page.

You can also unsubscribe anytime painlessly. You can even combine feeds from Mend Leadership Update: Building on Our Momentum for the Next Phase of Growth with other site's feeds!

Title: Mend.io - AI Powered Application Security

Is this your feed? Claim it!

Publisher: Unclaimed!

Message frequency: 0.25 / day

Message History

Miasma: Red Hat Cloud Services npm Packages Hit by a Mini Shai-Hulud-Style Campaign3 days

On June 1, 2026, multiple npm packages in the @redhat-cloud-services scope were published with malicious versions. Each tarball ships a 4.1 MB obfuscated JavaScript file added to package.json as a preinstall hook. The hook runs a multi-stage loader that ends in a Bun-executed credential stealer hitting AWS, Azure, GCP, HashiCorp Vault, Kubernetes, GitHub Actions OIDC, npm, Bi...

Read full story

Laravel-Lang Composer tag-rewrite Supply Chain Attack2 weeks

On 2026-05-22, an attacker rewrote every repository tag across four Composer packages in the Laravel-Lang ecosystem to point at malicious commits. The affected packages are laravel-lang/lang, laravel-lang/attributes, laravel-lang/http-statuses, and laravel-lang/actions. The rewrite took place on 2026-05-22 into the early hours of 2026-05-23. Every malicious commit makes the s...

Read full story

The EU Cyber Resilience Act: A Complete Compliance Guide for 2026 and Beyond2 weeks

Key takeaways The Cyber Resilience Act (CRA) entered into force on December 10, 2024 and applies to nearly every "product with digital elements" sold in the EU. Vulnerability and incident reporting obligations begin on September 11, 2026. Manufacturers will have 24 hours to file an early warning and 7...

Read full story

Mini Shai-Hulud Hits @antv: 323 npm Packages Compromised Through the atool Maintainer Account2 weeks

An active supply chain attack has compromised 323 npm packages published under the atool npm maintainer account. The wave sweeps the entire @antv data-visualization organization alongside standalone libraries with wide independent adoption: echarts-for-react, timeago.js, size-sensor, and canvas-nest.js. With echarts-for-react pulling roughly 1.1 million weekly downloads, any ...

Read full story

Inside the RubyGems Supply Chain Attack: How Mend Defender Caught a Coordinated Flood Before It Spread3 weeks

On May 11, 2026, Mend Defender flagged more than 120 malicious packages newly published to RubyGems — the standard package manager for the Ruby ecosystem. Within 24 hours, that initial cluster expanded into something far larger: tens of thousands of packages pushed by...

Read full story

Login to follow.it

Keep me logged in

Or:

Don't have an account yet?