Official SAP npm Packages compromised to steal Credentials and Authentication Tokens from Developers Systems.

Official SAP npm Packages compromised to steal Credentials and Authentication Tokens from Developers Systems.

Security researchers report that the compromise impacted four packages, with the versions now deprecated on NPM:

• @cap-js/sqlite – v2.2.2
• @cap-js/postgres – v2.2.2
• @cap-js/db-service – v2.10.1
• mbt – v1.2.48

️These packages support SAP's Cloud Application Programming Model [CAP] and Cloud MTA, which are commonly used in enterprise development.️

TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MT...

Compromised SAP CAP npm packages download and execute unverified binaries, creating urgent supply chain risk for affected developers and CI/CD environ...

Socket (socket.dev)

#sap #npmpackages #secure #programming #developer #security #privacy #infosec #tech #news

Google blocks 8.3B Policy-Violating Ads in 2025, launches Android 17 Privacy Overhaul.

The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in a more privacy-friendly manner. This includes a new Contact Picker, which offers a standardized, secure, and searchable interface for contact selection.

"This feature allows users to grant apps access only to the specific contacts they choose, aligning with Android's commitment to data transparency and minimized permission footprints," Google said.

https://android-developers.googleblog.com/2026/03/contact-picker-privacy-first-contact.html

️To comply with this update, developers are being urged to review their apps location usage to ensure that they are requesting the minimum amount of location data necessary for them to function.️

#android #security #privacy #engineer #media #infosec #developer #tech #news

Something supercharged Uranus with Radiation during Voyager Flyby 40 Years ago — Scientists now know what.

️Scientists may have solved a long-standing mystery surrounding Uranus extraordinarily strong radiation belt.️

A new analysis of Voyager 2 data suggests that a temporary space weather event may have made the planet's electron radiation belt more intense than usual as Voyager 2 was passing by. The findings could help to explain why the radiation belt was so much stronger than scientists had predicted it would be.

https://doi.org/10.1029/2025gl119311

#voyager #uranus #space #science #media #tech #news

Google rolls out Gmail end-to-end Encryption on Mobile Devices.

The company says Gmail end-to-end encryption [E2EE] is now available on all Android and iOS devices, allowing enterprise users to read and compose emails without additional tools.

️Recipients who don't have the Gmail mobile app and use other email services can read them in a web browser, regardless of the device and service they're using.️

Google Workspace Updates: Gmail end-to-end encryption now available on mobile devices

Workspace Updates Blog (workspaceupdates.googleblog.com)

#google #gmail #e2ee #it #security #privacy #engineer #media #infosec #tech #news