Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them

Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them ...
The Hacker News

144 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
GovInfoSecurity

Mastra AI Framework Poisoned in npm Supply-Chain Attack

The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
acm.org

HexStrike Exploit Raises Cyber Stakes

Cyberattacks once moved at the pace of human hackers. Even with scripts, the manual effort that malicious actors needed to navigate networks constrained their attacks. Today, threat actors use agentic ...
SMEChannels

CrowdStrike Report Warns AI Race Is Fueling a New Wave of Cyber Espionage Against Global Technology Firms

As artificial intelligence becomes the defining battleground of technological leadership, CrowdStrike’s 2026 Technology ...
GitHub

lenucksi/aur-malware-check

Detection and analysis tools for the atomic-lockfile supply-chain attack on the Arch User Repository (AUR). This is a collection of all the scattered resources, especially the ones in the detection ...