The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
InfoQ

Anthropic Lead: HTML Increasingly Better Than Markdown at Keeping Humans Engaged in Agentic Loops

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
LinkedIn

AI-themed documents deliver AsyncRAT

A multi-stage campaign uses fake AI-themed documents to deliver AsyncRAT, enabling remote access and persistence. Social engineering via enticing document lures increases the risk of initial ...
note

PDF Editing Can Be Done for Free: How I Built a Browser Tool to Add Text and Images in 2 Hours Using Claude Code

Last month, I finally canceled my Adobe Acrobat subscription, which I had been paying over 1,500 yen for every month. The trigger was something trivial. I just wanted to stamp "Approved" on a PDF ...
Dark Reading

Vulnerabilities & Threats

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
GitHub

pdf-sdk

ComPDF SDK for Android — a full-featured PDF library offering comprehensive code samples and integration guides. Build robust PDF viewers and editors on Android with support for document viewing, ...
GitHub

Effective Java 中文版(第2版).pdf

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...