Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
WeLiveSecurity

BladedFeline: Whispering in the dark

In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT group behind the attacks is BladedFeline, an Iranian threat actor ...
Ars Technica

Adventures coding with AI

Work is pushing AI pretty hard and some people are chewing up tokens like crazy. We had a session where one coworker showed his cursor setup and the different MCP servers he's tied into to automate ...