Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

I Received a Suspicious Six-Figure Client Inquiry — Here Are the 5 Red Flags

The most dangerous client inquiries often look attractive on the surface, but the real warning signs appear immediately in ...