Exclusive: Chainguard extends Repository scanning and policies to Java, Python and containers

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

New MCP specification kills old risks but opens fresh attack surfaces, Akamai finds

A major overhaul of the Model Context Protocol due next month removes several longstanding protocol-level security risks but ...
The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

Missouri marijuana microbusiness application period to open July 13

Missouri will open applications for 77 microbusiness marijuana licenses, designed to boost representation in the cannabis ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...
The Next Web

Henrique Schmaiske and the human work behind Meteor 3.0

Meteor CTO Henrique Schmaiske led the framework's largest release in over a decade, removing Fibers and migrating to async/await across 2,300 commits while keeping 500,000+ active installations stable ...
Infosecurity Magazine

Microsoft Attributes Mastra AI Supply Chain Attack to North Korea

North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft ...
Indianapolis Business Journal

Jimmy Stewart film biography to open Heartland Film Festival in Indianapolis

Jimmy” will be shown Oct. 8 at the Scottish Rite Cathedral, serving as the opening night attraction for the 35th annual ...