Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

Microsoft turns to Amazon for help with GitHub's AI-driven capacity issues

Microsoft is adding AWS capacity to GitHub after AI-driven growth strained infrastructure and triggered a series of ...
The Hacker News

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

Oracle PeopleSoft zero-day CVE-2026-35273 was exploited before Oracle's June 10 advisory, exposing data and triggering ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoQ

Microsoft Announces Azure Linux 4.0, Its First General-Purpose Server Linux Distribution

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...
Fox Sports

World Cup 2026: What Are the Host Countries, Cities, Stadiums?

With the largest World Cup field ever (48 teams), you're going to need a lot of stadiums to host the 104 matches. That's why we'll have three countries (the most ever) hosting the tournament across 16 ...
Bleeping Computer

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...
ZDNet

Microsoft surprises with its first server Linux distribution: Azure Linux 4.0

Microsoft released its first full Linux distro: Azure Linux 4.0. Azure Linux ix split into Azure Container Linux and the virtual machine edition. Microsoft effectively admits that it's a de facto ...
AOL

6 Tips For Hosting A Successful Yard Sale

Warmer days are finally here. Spring in all its warmth, color, and glory has sprung, and if you live in the South, winter has become a distant memory. While home spring cleaning, decluttering, and ...