Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

OpenAI’s Codex just moved into Chrome, where the useful work and the risks live

OpenAI’s Codex Chrome extension pushes the coding agent into signed-in browser work, making it more useful for real tasks while raising new questions about access, approvals, and agentic AI risk.The ...