tea.xyz Flags Critical Open-Source Supply-Chain Risks In 2026

ZUG, Switzerland, Jan. 16, 2026 (GLOBE NEWSWIRE) -- tea.xyz has announced their new ecosystem findings highlighting escalating risks across the global open-source software supply chain, warning that ...
InfoWorld

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain compromises — exploiting CI systems, ...