Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
The Hacker News

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...
GitHub

Once: Easy self-hosting for Docker-based web apps

ONCE is a platform for installing and managing Docker-based web applications. Its goal is to make self-hosting applications as simple as possible. As well as simplifying the initial setup, ONCE also ...
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...
GitHub

Ephemeral, reproducible, cached development environments

💡 Pro Tip: EasyEnv is perfect for testing libraries, running CI/CD pipelines, teaching Python, and keeping your development environment pristine. Think of it as "Docker for Python, but faster and ...
The Upcoming

Interactive learning apps: Ten best tools to use in 2026

Adult participation in self-directed professional training has risen recently. This increase occurs as professionals ...
Tech Times

Home Assistant Android 2026.6.2 Beta Patches URI Hijack Risk, Adds Native Barcode Scanner

Home Assistant Android update 2026.6.2 beta patches a URI intent-hijacking vulnerability that could let attackers reach ...