Microsoft Virtual Studio Code is being targeted by North Korean hackers

Lazarus group’s Contagious Interview campaign abuses Visual Studio Code via malicious Git repositories Attackers deliver ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
Junior Mining Network

Military Metals Announces 2025 Soil Sampling Delineates 800m Antimony Anomaly, Last Chance Antimony Project, Nevada, USA

The uppermost decile of antimony assay results (53.5 ppm- 952 ppm) are geographically concentrated along a northwest – ...

How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot

Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; ...

Investors demand Home Depot assess data privacy risks amid ICE raids

Group calls for review of retailer’s partnership with Flock Safety, whose data has been used in ​immigration enforcement ...

How a simple link allowed hackers to bypass Copilot's security guardrails - and what Microsoft did about it

Reprompt impacted Microsoft Copilot Personal and, according to the team, gave "threat actors an invisible entry point to perform a data‑exfiltration chain that bypasses enterprise security controls ...
CSO Online

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, ...