CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
InfoWorld

4 cutting-edge tools for spec-driven development

Kiro, Spec Kit, Tessl, and Zenflow offer a more systematic and structured approach to developing with AI agents than vibe ...
InfoQ

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
Communications of the ACM

Good Vibes: AI Coding Tools and Platforms

Technology that helps write computer code is not new, but advances in generative AI (GenAI) and agentic AI have catapulted ...

This viral vibe-coded game turns Google Maps into a time machine

That is the question that WenWare adds to the formula of GeoGuessr, a popular game that shows Google Maps locations all over ...

Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them

The updated SHub stealer variant is called Reaper, and it uses macOS Script Editor, pre-populated with the malicious payload ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

OpenAI Deepens India Push With Bengaluru Hiring for Startup AI Deployment

OpenAI is expanding its India AI push with a Bengaluru-based hiring drive focused on startup deployments, enterprise AI ...
The Caledonian-Record

Phancy Group Ranked Number One in China’s Machine Learning Platform Market for the 8th Consecutive Year

IDC today released its China AI Software Market Semi-Annual Tracker, 2025H2 report. According to the report, Phancy Group ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...