Deno project is going to add cross-platform desktop apps in next major update

The next major release of Deno, a JavaScript/TypeScript runtime, will include new commands to build cross-platform desktop ...

Blues City Deli wins approval for awning after preservation board overturns staff denial

Blues City Deli has won approval to install a long canvas awning outside its Benton Park storefront, after the St. Louis ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Philadelphia’s life sciences boom: Inside the TerraPower Isotopes deal at Bellwether District

When TerraPower Isotopes (TPI) announced its $450 million investment to establish a radioisotope manufacturing facility, it ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
The Indiana Lawyer

US says chemical maker Chemours to pay $450M to settle ‘forever chemicals’ case

The settlement is the first by the federal government to resolve enforcement claims against a manufacturer of harmful chemicals known as PFAS.

Study Reveals Exploit That Lets Your Browsing History Be Spied On Using Your SSD

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
GovInfoSecurity

Cybercrime Initial Access Service SocGholish Disrupted

Long-running initial access service provider SocGholish, tied to Russian cybercrime stalwart Evil Corp, has been disrupted by ...