New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain

A Vercel employee's AI tool OAuth grant gave attackers access to internal systems via a four-hop kill chain. Here's what ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
BroadwayWorld

Next to Normal – by Brian Yorkey, Tom Kitt

Get the best news & discounts for Broadway Shows & beyond.
Sporting News

NASCAR schedule 2026: Dates, times, TV channels, live streams, winners for every Cup Series race

From the Clash at Bowman Gray through a relocated Championship Weekend, the 2026 NASCAR Cup Series season promises start-to-finish excitement. The schedule features several new wrinkles, including a ...