A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software.
The campaign, referred to as “mini Shai-Hulud,” affected packages used in SAP’s JavaScript and cloud application development ecosystem.
The malicious versions added installation-time code that could steal developer credentials, GitHub and npm tokens, GitHub Actions secrets, and cloud credentials from AWS, Azure, GCP, and Kubernetes environments.
Researchers at SafeDep, Aikido Security, Wiz, and several other security firms said the affected packages included mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2, and @cap-js/sqlite@2.2.2.
The suspicious versions were published on April 29 and were later replaced by safe releases.
The malware encrypted stolen data and sent it to public GitHub repositories created from victims’ own accounts, according to the researchers. It also used stolen GitHub and npm tokens to add ma
Insider Brief PRESS RELEASE — Tessera Labs announced $60 million in oversubscribed funding led by Andreessen Horowitz (a16z) to accelerate its mission of bringing AI-native automation to enterprise transformation. Foundation Capital, Myriad Venture Partners, and Osage University Partners also participated. The announcement arrives as the global SAP community convenes in Orlando for its flagship annual event, underscoring […]
If you have spent time using AI coding agents — GitHub Copilot, Claude Code, Gemini CLI — you have probably run into this situation: you describe what you want, the agent generates a block of code that looks correct, compiles, and then subtly misses the actual intent. This “vibe-coding” approach can work for quick prototypes […]
The post Meet GitHub Spec-Kit: An Open Source Toolkit for Spec-Driven Development with AI Coding Agents appeared first on MarkTechPost.
Everyone wants a piece of the enterprise AI pie, and this week, we saw a string of companies making their moves. From Anthropic and OpenAI announcing new joint ventures targeting enterprise AI deployment to SAP dropping $1B on German AI startup Prior Labs, it’s becoming clear that if you’re a startup building enterprise tools, you’re likely an acquisition target. On this episode of TechCrunch’s Equity podcast, hosts Kirsten Korosec, Anthony […]
If you’re an aspiring AI engineer looking to sharpen your skills, building AI agents is one of the most effective ways to get hands-on experience. AI agents represent practical applications of AI across domains, from personal assistants and recommendation systems to financial traders. Here are 10 AI agents every engineer should build. For each, you’ll […]
The post 10 AI Agents Every AI Engineer Must Build (with GitHub Samples) appeared first on Analytics Vidhya.
Save to Spotify is a new command-line tool designed specifically for AI agents like OpenClaw, Claude Code, or OpenAI Codex. If you're the kind of person who collects research on a topic, then feeds it through their AI of choice to create audio summaries and personal podcasts, this lets you save them right alongside the latest episode of The Vergecast and Welcome to Night Vale on Spotify.
To set it up, you need to download and install the Save to Spotify CLI from GitHub. Then you just prompt your AI agent as normal, but tack on "and save to Spotify," and it should show up right in your podcast feed. In the blog post announcing the feature, S …
Read the full story at The Verge.
SAP is moving to fix a problem that has quietly held back enterprise AI. The company is acquiring, targeting two weak points that most organizations still struggle with: fragmented data […]
The post SAP Seeks Solution to Enterprise AI Puzzle with Dremio, Prior Labs Acquisitions appeared first on AIwire.
