Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

VAR official says hand gesture was 'involuntary, subconscious twitch'

Video assistant referee Shaun Evans has denied "intentionally" making a hand gesture "to communicate a message, affiliation, ...
Goodwood

OLO: the Sheffield startup teaching everyone to speak robot

Sheffield startup OLO Robotics has built a way to program robots from a web browser, no PhD or coding experience required.
Analytics Insight

Top Functional Testing Tools & Frameworks You Should Know in 2026

Overview:  Functional testing tools help teams verify that software works as expected across web, mobile, and API ...

TIOBE Index June 2026: Rust Hits New High as Python Slips

June 2026 TIOBE Index shows Python slipping below 19%, C++ moving back ahead of Java, and Rust reaching #12 as Paul Jansen ...

TIOBE Index for June 2026: Top 10 Most Popular Programming Languages

Python’s lead narrows again, C holds the runner-up spot, C++ returns to third, and SQL climbs back above R in June’s top 10 ...

Gold faces fork in the road as tentative peace deal reached in Middle East

The United States and Iran have reached a tentative peace deal, with a number of details yet to be ironed out. The agreement, set to be signed in Geneva on Friday, will allow the Strait of Hormuz to ...

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

Senators want CBC to bring in outside experts to analyze fairness, balance of news reporting

A Senate inquiry into the role of the CBC has recommended that the public broadcaster bring in outside experts to ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...