Andrew Davies
Back to sources
email newsletterJuly 10, 2026

npm 12 Reduces Supply Chain Risk โ›“๏ธ, 130 Exploits Published ๐Ÿ‘ฟ, Linux Distro Sabotage ๐Ÿ’ฃ

TLDR InfoSec

Retained excerpt

GitHub released npm 12 with install scripts, git dependencies, and remote URL installs turned off by default, forcing explicit approval ๐Ÿ”“ ATTACKS & VULNERABILITIES A PUERTO RICO GOVERNMENT AGENCY EXPOSED 1M SOCIAL SECURITY NUMBERS (3 MINUTE READ) The government agency that collects property taxes in Puerto Rico accidentally exposed the SSNs of 1M people. The Municipal Revenue Collection Center maintains an interactive property map which shows the owner names, lot sizes, tax assessment, and sale price for every registered property on the island. Researchers discovered that while the map itself did not surface additional sensitive information, โ€œanyone who understands how websites request dataโ€ could access unprotected personal information, including SSNs. DISCORD AI MODERATION GLITCH WRONGFULLY BANS 8K USERS IN 24-HOUR PERIOD (2 MINUTE READ) Discord acknowledged a severe glitch in its AI content moderation system that led to thousands of users being wrongfully banned. Discord hadโ€ฆ

This limited excerpt is retained to explain the source trail. Rights remain with the original publisher.