Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

Mysterious disappearance of alleged Israeli spy puts Lebanese state in a tough spot

A man accused by Lebanese officials of being part of an Israeli intelligence plot took refuge in the Ukrainian Embassy in ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Mike Gansey wants fountains, not drains. Can new 76ers president find a path toward NBA title?

Mike Gansey acknowledges that the 76ers are not currently a championship-caliber team. He has taken over as Philadelphia’s ...

RBC’s insurance head to depart two years into group executive role

Royal Bank of Canada RY-T is restructuring the leadership of its insurance arm, changes driven by the departure of the division’s head. Jennifer Publicover, who runs RBC Insurance, is leaving the bank ...