CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...
CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
Business Insider

Treno Scope Announces Completion of Full-Stack Data Integration for BNB Chain Ecosystem, Building the First "Native-Level" Web3 Data Infrastructure of Southeast Asia

New York, May 06, 2026 (GLOBE NEWSWIRE) -- As Southeast Asia emerges as a crucial region for Web3 user growth and the deployment of on-chain applications, market demand for low-latency, verifiable, ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Reuters

Anthropic sues to block Pentagon blacklisting over AI use restrictions

NEW YORK, March 9 (Reuters) - Anthropic on Monday filed a lawsuit to block the Pentagon from placing it on a national security blacklist, escalating the artificial intelligence lab’s high-stakes ...
Dark Reading

'Semantic Chaining' Jailbreak Dupes Gemini Nano Banana, Grok 4

Researchers have coined a new way to trick artificial intelligence (AI) chatbots into generating malicious outputs. AI security startup NeuralTrust calls it "semantic chaining," and it requires just a ...
Vogue

Why Is Everyone Making Paper Chains This Holiday Season?

When I first saw red paper chains strung up in my friend’s Brooklyn apartment last year, I thought: Cute! What a fun throwback to Christmases of yore, and a way to make the place ten times cozier as ...