The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
Dark Reading

Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses

In a report this week, ESET tracks 35 separate Gamaredon spear-phishing campaigns against Ukraine carried out last year. In ...

MicrosoftのAIターミナル「Intelligent Terminal」に初の更新、Windows 10にも対応

米Microsoftは6月17日(現地時間)、「Intelligent Terminal 0.1.1」をリリースした。「Windows Terminal」にAIエージェントをネイティブ統合した実験的なターミナルアプリで、「Build ...

Kestra: Ops automation beyond CI/CD

CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...

Build 2026で見えたWindowsとLinuxの接近

Linuxでおなじみのコマンド群をWindowsで利用できるようにするCoreutils for Windows、Linuxコンテナを扱うWSL containers――MicrosoftはBuild ...
Windows Report

Microsoft Links Mastra AI npm Supply Chain Attack to North Korean Sapphire Sleet Hackers

Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...
Bleeping Computer

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...