Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...

Allegheny County authorizes $18M for Tree of Life campus redevelopment

The financing will support construction and renovation of over 25,000 square feet of space on the campus, which has been ...
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Telegraph Herald

Ukraine’s latest long-range strikes on Russia hit a major natural gas plant and satellite centers

Ukrainian forces struck a major natural gas processing plant and two key satellite communications centers in their latest ...

Badenoch broadens attack on Labour in Starmer's first PMQs since resignation

The Conservatives say the Tory leader won't apologise after she targeted members of the prime minister's cabinet in a fiery ...

Study Reveals Exploit That Lets Your Browsing History Be Spied On Using Your SSD

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...

Trump asks Congress for billions for Iran war, after tension with Republicans

But the budget faces an uphill battle as the president spars with some members of his own party over the issue.
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Telegraph Herald

2 more arrests in alleged planned attack on UFC show

Two more people in Missouri and Washington state have been arrested in connection with what authorities say was a planned ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...