Cybernews

Malicious NPM package racks up 50,000 infections in days, developers fully compromised

A malicious NPM package, ambar-src, mimicking a popular JavaScript framework, was downloaded nearly 50,000 times in a few ...
WinBuzzer

Leaked Code Reveals OpenAI’s Secret Government Surveillance Network

Researchers have exposed OpenAI's covert Persona watchlist, active since 2023, screening users for government agencies via 53 ...

Infantino sure of 'spectacular' World Cup in Mexico despite violence

BBC Sport explores the unfolding security situation in Mexico, as Fifa says it is "closely monitoring" developments before this summer's World Cup.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...