JavaScript Attack - Search News

Microsoft Attributes Mastra AI Supply Chain Attack to North Korea

North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft ...

19h

Study Reveals Exploit That Lets Your Browsing History Be Spied On Using Your SSD

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...

Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Morning Overview on MSN

The fake-CAPTCHA trick spreading now asks you to paste a command that installs malware

The Federal Trade Commission issued a consumer alert in June 2026 warning that a new breed of fake CAPTCHA pop-ups is tricking Windows users into running malicious commands on their own computers. The ...

The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Telegraph Herald

Ukrainian drones set Moscow refinery ablaze in major attack

Ukraine hit a major Moscow oil refinery for a second time in a week and disrupted commercial flights at Moscow airports in one of its biggest drone attacks since Russia’s ...

Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

‘Oil rain’ falls on Moscow after drone strike on refinery

Moscow’s main oil refinery supplies 40% of Moscow’s gasoline and aviation fuel, and 70% of the surrounding region. An oil refinery in Russia’s Rostov region was also set ablaze, in a strike that ...

Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

DataBreachToday

Mastra AI Framework Poisoned in npm Supply-Chain Attack

The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation ...

5don MSN

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.

Some results have been hidden because they may be inaccessible to you

Show inaccessible results