Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Still looking? See more results on Wirecutter. We independently review everything we recommend. When you buy through our links, we may earn a commission. Learn more› By Caroline Mullen Caroline Mullen ...

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Rubrik (NYSE: RBRK) today introduced two new Identity Resilience capabilities to expand its product suite. The first, ...

James Chen, CMT is an expert trader, investment adviser, and global market strategist. Gordon Scott has been an active investor and technical analyst or 20+ years. He is a Chartered Market Technician ...

I didn't realize how much time I spent on cleanups until regex let me stop.