The Hacker News

144 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
GitHub

Alliedium/awesome-software-engineering

A curated list of awesome software engineering resources. - Alliedium/awesome-software-engineering ...
GitHub

seanippolito/self-hosting-guide

Hugo Lyra is a typescript module for creating LyraSearch indexes for static Hugo sites, it comes with server and client libraries. Typesense is a fast, typo-tolerant search engine for building ...