Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

A developer accidentally gained control of more than 10,000 DJI devices

An AI strategist recently demonstrated to The Verge how he accidentally gained sweeping control over thousands of DJI robot ...
Arizona Daily Star

CBP awards contract of up to $105 million for migrants' facility in Tucson

Federal officials awarded a contract worth up to $105 million to a New York company for a tent-like facility to house migrants in Tucson. The facility is being built on Tucson’s south side for Customs ...