Friday, June 12, 2026

RSS

🔴 Breaking

Sophie Kasaei gives birth! Geordie Shore star welcomes 'miracle' son with TOWIE's Jordan Brooks following years of fertility struggles The reality sta As OpenAI files for IPO, Sam Altman’s eye-scanning company is doing layoffs, report says Chinese mining CEO says Strategy can survive a $30,000 bitcoin without selling Valid certificates, stolen accounts: how attackers broke npm's last trust signal $1.26B Bitcoin ETF outflows spark ‘contrarian’ buy signal: Santiment The startup killer: Ledger CTO says the EU's crushing compliance costs are choking Web3 innovation Humanity Protocol token falls 85% amid $30M private key exploit Forehead tattoos and alcohol dares: Inside the dark underbelly of crypto's memecoin craze Apple just taught your iPhone to finish your sentences, your photos, and your workflows Billionaire West Ham co-owner accused of abusing his power and preying on women for sex Sophie Kasaei gives birth! Geordie Shore star welcomes 'miracle' son with TOWIE's Jordan Brooks following years of fertility struggles The reality sta As OpenAI files for IPO, Sam Altman’s eye-scanning company is doing layoffs, report says Chinese mining CEO says Strategy can survive a $30,000 bitcoin without selling Valid certificates, stolen accounts: how attackers broke npm's last trust signal $1.26B Bitcoin ETF outflows spark ‘contrarian’ buy signal: Santiment The startup killer: Ledger CTO says the EU's crushing compliance costs are choking Web3 innovation Humanity Protocol token falls 85% amid $30M private key exploit Forehead tattoos and alcohol dares: Inside the dark underbelly of crypto's memecoin craze Apple just taught your iPhone to finish your sentences, your photos, and your workflows Billionaire West Ham co-owner accused of abusing his power and preying on women for sex

AI

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

DigiviNews June 12, 2026 11:22 AM UTC ~1 min read

On May 19, 633 malicious npm package versions passed Sigstore provenance verification. They were cleared by the system because the attacker had generated valid signing certificates from a compromised maintainer account.

Sigstore worked exactly as designed: it verified the package was built in a CI environment, confirmed a valid certificate was iss

Key Points

On May 19, 633 malicious npm package versions passed Sigstore provenance verification.
They were cleared by the system because the attacker had generated valid signing certificates from a compromised maintainer account.
Sigstore worked exactly as designed: it verified the package was built in a CI environment, confirmed a valid certificate was iss

Stay Informed

This story is actively developing. DigiviNews will continue to provide updates as more information becomes available. Follow us on all social platforms for real-time breaking news coverage in Ai and beyond.

Related Stories

AI

Sophie Kasaei gives birth! Geordie Shore star welcomes 'miracle' son with TOWIE's Jordan Brooks following years of fertility struggles The reality sta

Jun 12, 2026

As OpenAI files for IPO, Sam Altman’s eye-scanning company is doing layoffs, report says

AI

As OpenAI files for IPO, Sam Altman’s eye-scanning company is doing layoffs, report says

Jun 12, 2026

Apple just taught your iPhone to finish your sentences, your photos, and your workflows

AI

Apple just taught your iPhone to finish your sentences, your photos, and your workflows

Jun 12, 2026

Apple bets cheaper AI will woo small developers

AI

Apple bets cheaper AI will woo small developers

Jun 12, 2026