CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
The Hacker News

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Botnets exploit PHP flaws and cloud misconfigurations, launching 20 Tbps DDoS and large-scale credential attacks.