Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
MSN on MSN

Microsoft unveiled MAI-Code-1-Flash, its first model that turns descriptions into working code

Software developers working with command-line tools and large codebases now have a new option from Microsoft: ...
GitHub

‍♂️ Loki Command & Control

Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion ...
GitHub

WasiMohd/azure-powershell-toolkit

This repository contains PowerShell scripts organized by Azure service categories. Scripts include proper error handling, parameter validation, and follow PowerShell ...
The Hacker News

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a ...