JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

Vu Technologies built over 100 studios. Now it’s focused on AI 'experiences'

Vu Technologies is transforming from a virtual production company into something CEO Tim Moore said is "much more high-tech ...
Queerty

Madonna’s “Love Sensation” has us revisiting the 1980 disco classic that inspired ...

Moving into the ’90s, acts like Black Box and Marky Mark and the Funky Bunch reimagined the track and Holloway’s vocals — ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Tampa Bay Wave unveils 15 startups selected for latest tech accelerator cohort

Fifteen startups were selected for the nonprofit accelerator's latest cohort, including three Florida-based companies.
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
Telegraph Herald

FBI fires several analysts tied to disputed ‘Catholic ideology’ memo

Several FBI analysts tied to the creation of a 2023 memo warning of a potential threat from Catholic “violent extremists” ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline ...

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Crowdfund Insider

Cybercriminals Exploit Fintech Platform Stripe in Credit Card Skimming Operation

An emerging wave of rather concerning online theft is leveraging one of the Fintech sector’s most widely used platforms in order to conceal and reportedly distribute malicious code designed to harvest ...
The Caledonian-Record

TrendAI™ Launches Inception Program to Power the Next Wave of Secure AI Innovation

Supported by AWS, GMI Cloud, and the AI startup ecosystem, initiative will equip more companies to deliver AI solutions that customers trust ...
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...