Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

From Reels to risks: How scammers are turning videos into malware traps

Cybercriminals are moving beyond email scams and into social media feeds, using tutorial-style videos on TikTok and Instagram to spread malware and steal credentials ...