Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

Hackers are using LLMs to build the next generation of phishing attacks

What if a phishing page was generated on the spot?
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Nike investigates possible data breach after leak claims

Nike NKE-N says it is investigating a potential data breach, after a group known for cyberattacks reportedly claimed to have leaked a trove of data related to its business operations.
AdExchanger

Microsoft To Stop Caching Prebid Video Files, Leaving Publishers With A Major Ad Serving Problem

Most publishers have no idea that a major part of their video ad delivery will stop working on January 31, roughly one month ...

When AI 'builds a browser,' check the repo before believing the hype

Autonomous agents may generate millions of lines of code, but shipping software is another matter Opinion AI-integrated ...
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain ...

The Open-Source Trust Reset

Enterprises need to practice governance of open-source software to regain control of their software supply chains.
Hackaday

Astronomy Live On Twitch

Although there are a few hobbies that have low-cost entry points, amateur astronomy is not generally among them. A tabletop Dobsonian might cost a few hundred dollars, and that is just the entry ...

CMS Energy: Let This Utility Light Up Your Portfolio With Gains

CMS's $20 billion five-year capex plan, likely to be raised, underpins 6%–8% annual adjusted EPS growth and expanding rate ...