Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Ladybird browser integrates Rust with AI help

The independent browser project Ladybird has ported its JavaScript engine LibJS from C++ to Rust. AI tools significantly accelerated the translation.
Cyber Daily

Exclusive: Qilin ransomware targets quartet of Australian businesses in one month

Qilin’s next alleged Australian target – and, again, one based in Western Australia – Esperance Metaland, which was listed on ...
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
SecurityWeek

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
The Hacker News

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risks.
CSO Online

Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a ...

Trump to give State of the Union address on the backdrop of declining support

U.S. President faces an uphill battle as Americans sour on his economic, immigration and foreign policy agendas ...

Who is Clavicular, the 20-year-old influencer going viral for looksmaxxing and more?

Clavicular, whose real name is Braden Peters, is a pre-eminent looksmaxxer, a type of (usually male) influencer who is obsessed with optimizing his physical appearance, often through extreme measures.