Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
Nature

‘Megacluster’ of genes enables bacteria to make potent antibiotic mixture

Soil bacteria make cocktails of molecules that synergistically inhibit the growth of microbial pathogens — suggesting a ...
makeuseof

I run three self-hosted apps on a $35 Raspberry Pi and they never skip a beat

Yadullah Abidi is a Computer Science graduate from the University of Delhi and holds a postgraduate degree in Journalism from the Asian College of Journalism, Chennai. With over a decade of experience ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
techtimes

Xiaomi MiMo Code Claims to Beat Claude Code: Benchmark Scores Are Self-Reported

Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...

Cloudflare acquires VoidZero, maker of the Vite JavaScript toolchain

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript build tools that surround it, in a move to position its developer platform ...
cryptopolitan

Crypto wallets targeted in SAP-linked npm supply-chain attack

Four real SAP npm packages were hacked. The hackers added code that steals crypto wallets, cloud credentials, and SSH keys from developers. These packages had more than 500,000 downloads a week. Four ...
makeuseof

I gave Claude Code five years of notes and finally got the organization I'd been waiting for

Yadullah Abidi is a Computer Science graduate from the University of Delhi and holds a postgraduate degree in Journalism from the Asian College of Journalism, Chennai. With over a decade of experience ...
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring. Four SAP NPM packages have been injected with malicious code as part of a new ...
CSOonline

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software. The campaign, referred to as “mini ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. mbt@1.2.48 @cap-js/db-service@2.10.1 @cap ...