Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...
SecurityWeek

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...
The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

Immigration Department faces almost 300 federal court challenges over denial of hearings to asylum claimants

Federal court accepts at least 270 cases for judicial review of Ottawa’s new asylum law, with more applications each week, ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Tech Times

Stolen Passwords: Europol Seizes 27M Credentials in Infostealer Takedown

Operation Endgame malware takedown seized 326 servers, froze $47M in criminal cryptocurrency, and recovered 27 million stolen ...
Total Telecom

FIFA scams shift focus from fans to employees, CUJO AI finds

Major global sporting events have always attracted opportunistic fraud. The 2026 FIFA World Cup, played across the United ...
SecurityWeek

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched GCP flaw enables takeover.
Atlanta Magazine

The Difference Between Front-End and Back-End Web Developers

Web developers create functional, appealing websites for users to interact with. Web development is often categorized into ...

Public Safety Minister makes changes to lawful access bill

The Public Safety Minister has agreed to a number of surgical changes to Ottawa’s controversial lawful access bill, including ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Queerty

As I get older, I’m suddenly really attracted to dad bods. What changed?

"Hi Jake, I used to be exclusively into lean, athletic guys. But lately, I’ve weirdly found myself attracted to Dad Bods. If ...