A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

Microsoft says North Korean-linked BlueNoroff compromised a Mastra npm maintainer account and published more than 140 ...

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...

The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation ...

It features a stern, older Italian woman unimpressed by her gay neighbors and their small rainbow flag. She describes it as ...

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...

Secure document editing in your own app. ONLYOFFICE Docs Developer equips web applications with secure, latency-free document ...

Splash is a javascript rendering service with an HTTP API. It's a lightweight browser with an HTTP API, implemented in Python 3 using Twisted and QT5. It's fast, lightweight and state-less which makes ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited ...