Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Renowned infantry battalion’s senior leaders removed from command pending probe

Spokesperson Andrée-Anne Poulin said Commanding Officer Lieutenant-Colonel Jason Hudson and Chief Warrant Officer Kim Doerr ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

St. Louis police board votes to approve raises for command staff

The proposal would increase salaries for police lieutenants, captains, majors and lieutenant colonels, and calls for raises ...
Morning Overview on MSN

The fake-CAPTCHA trick spreading now asks you to paste a command that installs malware

The Federal Trade Commission issued a consumer alert in June 2026 warning that a new breed of fake CAPTCHA pop-ups is ...

Tampa Bay region emerges as key player in federal policymaking as Florida's influence grows

Each year, federal agencies issue thousands of proposed and final rules with significant economic implications. Companies ...

US-Iran talks begin in Switzerland as Tehran says it closed Strait of Hormuz

Iran said Israel's continued attacks in Lebanon are a breach of Tehran's agreement with the US to end the war.
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...