Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
InfoWorld

Deno update streamlines creation of desktop apps

Experimental ‘deno desktop’ feature in Deno 2.9 produces a native desktop application that compiles into a single ...
The Hacker News

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...
SecurityWeek

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

A threat actor has been exploiting CVE-2026-48558, a critical SimpleHelp vulnerability, to drop TaskWeaver and Djinn Stealer ...

SimpleHelp Flaw Exploited to Deploy Malware Targeting Windows, macOS, and Linux

A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...

No more Java refills for Intel Macs after JDK 27, says Oracle

Oracle is moving to stop maintaining the macOS/x64 port of the Java Development Kit (JDK) from version 27, which is expected ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Breast cancer study: Changes to lymph nodes could identify who is most at risk

The lymph nodes in the armpit are often the first place breast cancer spreads to. Everyone with invasive breast cancer currently has to undergo surgery to remove lymph nodes to check for cancer cells.

Aikido Acquires Root to Defend Open Source From AI-Powered Attacks

AI agents research, patch, and test open-source vulnerabilities without forcing teams to upgradeGHENT, Belgium, June 30, 2026 ...
The Hacker News

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy ...
Infosecurity Magazine

Hackers Leverage Blockchain to Hit Japan's Hotels Through Booking.com Phishing

A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware ...
The Next Web

Henrique Schmaiske and the human work behind Meteor 3.0

Meteor CTO Henrique Schmaiske led the framework's largest release in over a decade, removing Fibers and migrating to async/await across 2,300 commits while keeping 500,000+ active installations stable ...