New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
Security Boulevard

SAML vs OIDC vs OAuth 2.0: 12 Differences Every B2B Engineering Team Should Know

Choosing between SAML, OIDC, and OAuth 2.0? Explore 12 critical differences to help your B2B engineering team select the right authentication protocol today.
TMCnet

Grafana Labs Targets the "AI Blind Spot" with New Observability Tools Announced at GrafanaCON 2026

Grafana Labs, the company behind the open observability cloud, today announced a set of new AI-focused capabilities at GrafanaCON 2026: AI Observability in Grafana Cloud; a significant expansion of ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Techzine Europe

OpenSearch is enterprise-ready with long-term support and version 3.6

OpenSearch is getting an LTS program with 18 months of support, SBOM compliance, and vendor accreditation. OpenSearch 3.6 is ...