Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
GitHub

Another Qt installer(aqt)

This is a utility alternative to the official graphical Qt installer, for using in CI environment where an interactive UI is not usable, or just on command line. It can automatically download prebuilt ...