Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...

Microsoft’s new Surface RTX Spark Dev Box packs Nvidia Blackwell AI power and 128GB of unified memory to run large AI models locally, helping developers cut cloud costs and rethink enterprise AI ...

Your wallet is going to love this list ...

Cybercriminals are using counterfeit AI learning material and developer guides to lure professionals into opening files that trigger a multi-stage malware chain ending in AsyncRAT, a remote access ...

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.

Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious ...

Windows Management Instrumentation Command-line (WMIC) is a tool introduced by Microsoft for tracking events on a Windows PC, including hardware, processes, settings, and user accounts. The ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.