Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

After 7 Million Investigations in Production, 7AI Widens the Gap in Agentic Security with PLAID ELITE and 100 New AI Jobs in Boston

AI, the company making AI agents work for security teams, today announced PLAID ELITE, its fully managed AI-native security operations offering, and 100 new AI jobs at its Boston headquarters. One ...
couriernews.com

Former Iowa superintendent to be sentenced for claiming to be a US citizen before likely deportation

The former superintendent of Iowa’s largest school district is set to learn Friday how long he will be in prison after he was convicted of falsely claiming to be a ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
Computerworld

Industry

EU moves forward on $5.8B scale-up fund to keep startups from leaving The initiative is part of a broader EU push to build up the domestic tech sector and address a long-standing shortage of ...
sei.cmu

CERT Division

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...
Fair Observer

World News

In a world defined by polycrisis, leaders are trying to ...