Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Bleeping Computer

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...
Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

Trump is taking Canada to task on forced labour. It’s a ploy, but he’s got a point

U.S. President’s latest tariff threat is tied to our country’s lack of enforcement in keeping out goods made with forced ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Payload Asia

Kuehne+Nagel to reduce air freight emissions for Google Cloud shipments with sustainable ...

Kuehne+Nagel is collaborating with Google to support the reduction of air freight emissions through the use of sustainable ...

Exante launches €1 million Gekko Fund to support open source software projects

A global prime broker EXANTE today announces the launch of Gecko Fund, a new €1 million grant programme to support critical open-source software projects used across trading and financial data systems ...