InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Developer Tech

JetBrains marketplace malware exposes developer API keys

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...

Bitcoin's historical performance

Viewed from that perspective, Bitcoin's current price starts to look more like a bargain. If you're buying now, you're ...

Meta-Harness for AI Agents: Databricks Releases Omnigent as Open Source

The Meta-Harness Omnigent combines AI agents like Claude Code and Codex under a common policy and collaboration layer – under ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
Infosecurity Magazine

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious ...

Football World Cup: FIFA streaming was easily hackable

An IT researcher could have manipulated FIFA's live streaming for the 2026 Football World Cup due to a lack of proper ...
Global Investigative Journalism Network

New Tools for Tracking US Migrant Detention Centers and Illicit Dual-Use Exports for Russian War Effort

Featuring two free-access databases that provide hard-to-find accountability evidence on the mass migrant detention network ...
WeLiveSecurity

FishMonger’s arsenal upgraded: SprySOCKS for Windows

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

Fullstory launches three new solutions to power intelligent digital experiences

Fullstory, a leading behavioral data company, today announced three new solutions: Fullstory Model Context Protocol (MCP), StoryAI Agents, and Workflow Intelligence, bringing users closer together ...