#maven tag - Briefly

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components associated with Sha1-Hulud: the "setup_bun.js" loader and the main payload "bun_environment.js." "This means the PostHog project has compromised releases in both the JavaScript/npm and Java/Maven ecosystems, driven by the same Shai Hulud v2 payload,"

Science

fromwww.scientificamerican.com

3 weeks ago

Interstellar Comet 3I/ATLAS Just Got a NASA Photo Shoot

NASA spacecraft across the inner solar system captured new images of interstellar Comet 3I/ATLAS, the third known interstellar object, during late September–October 2025.

fromInfoQ

1 month ago

Voices Enables Fast Text-to-Speech for Java Applications

Voices, an open-source text-to-speech project, was designed for applications running on Java 17 or newer. The library requires no external APIs or manually installed software. Audio files can be generated for various languages based on dictionaries or OpenVoice. Henry Coles, creator of Voices and Pitest and head of mutation testing at Arcmutate, introduced Voices on Bluesky in September 2025 and the latest version, released in late October 2025, is 0.0.8.

Artificial intelligence

Java

fromRaymondcamden

5 months ago