The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Build 2026で見えたWindowsとLinuxの接近

Linuxでおなじみのコマンド群をWindowsで利用できるようにするCoreutils for Windows、Linuxコンテナを扱うWSL containers――MicrosoftはBuild ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
CSO Online

Be on the lookout for Mistic, a new backdoor used by ransomware broker

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.

Surface RTX Spark Dev Box Features, Price, Specs, Where to buy, Release date

Surface RTX Spark Dev Box is a compact, small-form-factor desktop PC that is built specifically for developers and data ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

Parallels RAS Expands Virtual Desktop Flexibility with New Hypervisor-Agnostic Custom ...

Parallels, a leading global provider in virtualization and end-user computing (EUC) solutions, today announced a significant update to Parallels RAS (Remote Application Server), introducing a new ...

Kestra: Ops automation beyond CI/CD

CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...