GovInfoSecurity

Breach Roundup: CISA Says Agencies Should 'Patch Smarter'

This week, CISA tightened patching rules, hackers provoked AI scanners. An accused Russian intel hacker appeared in court.
Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...
CSOonline

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
InfoQ

Dynamic Languages Faster and Cheaper in 13-Language Claude Code Benchmark

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...
Futurism

Claude Leak Shows That Anthropic Is Tracking Users’ Vulgar Language and Deems Them “Negative”

Add Futurism (opens in a new tab) More information Adding us as a Preferred Source in Google by using this link indicates that you would like to see more of our content in Google News results. AI ...
NPR

What Trump's language has in common with cult language

When President Trump says things like “fake news,” “witch hunt” or even “Make America Great Again,” he’s not just using catchy phrases — he’s persuading people into a way of thinking and believing.
The Atlantic

The Human Skill That Eludes AI

In a certain, strange way, generative AI peaked with OpenAI’s GPT-2 seven years ago. Little known to anyone outside of tech circles, GPT-2 excelled at producing unexpected answers. It was creative.
The Conversation

All 5 fundamental units of life’s genetic code were just discovered in an asteroid sample

A new study reveals all five fundamental nucleobases – the molecular “letters” of life – have been detected in samples from the asteroid Ryugu. Asteroid particles offer a glimpse into the chemical ...
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...