Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
GitHub

GitHub - microsoft/coreutils: Coreutils for Windows: Installer & Packaging

UNIX-style core utilities for Windows. The same commands and pipelines you use on Linux, macOS, and WSL - natively. PowerShell 7.4 or newer is required. Older ...