24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data

Cybernews researchers found an exposed database with 24 billion credential records, raising fresh risks from password reuse ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Hack of the day: Stop using '123456' or birthdays as passwords – here's the safer way

Hack of the day: Cybercriminals rarely guess passwords manually. Instead, they use automated tools that can test millions of ...