The Hacker News

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
LinkedIn

CSS Minifier cssnano 30% Faster with Optimizations

𝗜 𝗠𝗮𝗱𝗲 𝗰𝘀𝘀𝗻𝗮𝗻𝗼 𝟯𝟬% 𝗙𝗮𝘀𝘁𝗲𝗿 I worked on cssnano. It is a CSS minifier. I made it 30% faster. I had one rule. The output must stay the same. The wins came from three changes: - I ...
Computerworld

Industry

Apple’s AI plans show promise, but proof of success still to come — analysts Apple is promising AI today, not tomorrow — so how is the tech industry reacting to Monday’s keynote announcements? With a ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
The Hacker News

Malware | Breaking Cybersecurity News | The Hacker News

A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin's XLab calls it AryStinger and ...