New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
CNBC

The best high-yield savings accounts of March 2026

Editor's Note: APYs listed in this article are up-to-date as of the time of publication. CNBC Select will update as changes are made public. With a high-yield savings account, your APY can be ten ...