News

Freelance dev shop Toptal caught serving malware after GitHub account break-in
Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems ...
InfoWorld2d
MCP C# SDK updated to support latest Model Context Protocol spec
Update to the MCP SDK for C# brings an improved authentication protocol, elicitation support, structured tool output, and ...
worldhealthorganization22d
How to Implement Secure Authentication in MERN Stack Projects?
Learn how secure authentication in MERN stack apps protects user data using JWT, bcrypt, and role-based access controls!
CSO Online1d
Supply chain attack compromises npm packages to spread backdoor malware
In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing ...
CISA and FBI warn of escalating Interlock ransomware attacks
CISA and the FBI warned on Tuesday of increased Interlock ransomware activity targeting businesses and critical ...
CSO Online10d
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.
SecurityWeek1d
SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack
SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks.
Npm package with millions of downloads is at risk from malware hijacking
Experts have warned that ‘is’, an npm package with more than 2.8 million weekly downloads, was also compromised in the same ...
Mojoauth Revolutionizes Developer Productivity With Industry's First LLM Implementation Guide
MojoAuth - Passwordless login plugin MojoAuth Dashboard MojoAuth Growth and Product Innovation MojoAuth-Logo Breakthro ...
npm 'accidentally' removes Stylus package, breaks builds and pipelines
Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the ...
Not pretty, not Windows-only: npm phishing attack laces popular packages with malware
The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages ...