The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
AWS launched Lambda MicroVMs, a new serverless compute primitive that runs each user session or AI agent in its own ...
CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Cloudflare and AWS both implemented x402 stablecoin micropayments at their edge networks within two weeks. The open protocol ...