Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
techtimes

OpenAI Codex Automation Gains Record and Replay: Show It Once, Skip the Script

OpenAI has added a feature to its Codex macOS app that changes the barrier to AI-powered automation: instead of writing a prompt or configuring a workflow, a user performs a task while Codex watches, ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Sophos X-Ops analysts published research this week concerning an unidentified threat actor using AI technology to develop endpoint detection and response (EDR) evasion tactics through the lens of what ...
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...
Metro

Heartstopping moment families watch acrobat’s rope snap during high wire act at Butlin’s

Parents and children watched on in horror as an acrobat plummeted to the ground when a rope snapped during a high-wire act. Holidaymakers at Butlin’s Bognor Regis resort were left shocked after the ...
IGN

Seth Rogen Tells Filmmakers Using AI to Write Scripts to 'Go Do Something Else'

Seth Rogen has pushed back on the use of AI in movies, telling writers using the technology for their scripts to "go do something else." "I don't understand what it's supposed to do. Every time I see ...
The Hollywood Reporter

Seth Rogen Says If “Your Instinct Is to Use AI” to Write Scripts, “You Shouldn’t Be a Writer”

'The Studio' creator said people who are thinking about using the technology to aid their writing skills should try another occupation: "Go do something else." By McKinley Franklin Don’t expect Seth ...
Macworld

Should you keep your MacBook plugged in when you’re using it?

Over the last several years, Apple has dramatically improved how it handles lithium-ion battery charging in iPhones, iPads, Macs, and Apple Watches. Across multiple system releases, the company moved ...
Inverse

AI Is Permanently Banned From Major Oscar Categories

Hollywood’s biggest stars, alongside its most powerful studios, are leaning hard on the idea that AI integration is inevitable. Actors like Matthew McConaughey and Sandra Bullock claim we’re all but ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...