New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
CSO Online

12 ways attackers abuse cloud services to hack your enterprise

As enterprises increasing depend on cloud services, living off the land has evolved into living off the cloud.
ABC7 KABC

Hacker accessed FBI server that included Epstein files in 2023, files suggest

A hacker in 2023 was able to access an FBI server that contained some files related to Jeffrey Epstein, according to documents released by the Department of Justice.
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now lets developers scaffold a working MCP server in minutes. Here's what that looks like in practice -- including the parts that don't work, and a simpler ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.