For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
eWeek

Google Adds One-Click Chatbot Migration

Uploads bring prompts and responses, but not project files, attachments, or AI-generated images. The rollout skips the UK, ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive ...
GitHub

introduction-r-packages-markdown.Rmd

- Install packages using the `packages` tab. - Install packages using `R` code. [`R for Social Scientists`](https://datacarpentry.github.io/r-socialsci/index.html ...
GitHub

package.json

"description": "Turns an AST into code.", "bugs": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20generator%22+is%3Aopen", ...