GitHub has announced what it said are “breaking changes” coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the “npm install” command to trigger the execution of malicious code using npm lifecycle hooks. “Npm install”…
Tag: turns
AI, Global Security News, Network Security
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data business Bright Data markets heavily to the AI industry. The company, the successor to Luminati, operates what it calls the largest…
AI, Apps, Compliance, Global Security News, Risk Management
HYCU aiR detects insider risk and AI activity from backups
HYCU has announced HYCU aiR (AI Resilience), an AI-native solution that turns backup data across dozens of applications into a live and actionable intelligence for security, compliance, and IT teams. aiR lets organizations search, query, and run purpose-built agents to surface insider risk, sensitive data exposure, identity drift, and AI agent activity, using their backup…
AI, Global Security News, malware, Risk Management
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
Our research on Void Dokkaebi’s operations uncovered a campaign that turns infected developer repositories into malware delivery channels. By spreading through trusted workflows, organizational codebases, and open-source projects, the threat can scale from a single compromise to a broader supply chain risk.
AI, Apps, Exploits, Global Security News, malware, Risk Management
Mirax malware campaign hits 220K accounts, enables full remote control
Mirax, a new Android RAT, spread via Meta ads, infected 220,000 users and turns devices into SOCKS5 proxies, giving attackers full remote control. Mirax is a new Android remote access trojan spreading through ads on Meta platforms, targeting mainly Spanish-speaking users and reaching over 220,000 accounts. The malicious code lets attackers fully control infected devices…
Global Security News, Government & Policy
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
AI, Apps, Cybersecurity, Europe, Global Security News, Government & Policy, Risk Management
FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense
As if securing the enterprise against a tidal wave of AI tools wasn’t hard enough, it turns out the geopolitical instability of the moment is making things worse. That wasn’t the headline at RSAC 2026 last week — agentic AI dominated the agenda — but the stress was visible at the ground level if you…
AI, Global Security News
The Evangelist Teaching a 220-Year-Old Toothpaste Maker to Embrace AI
Colgate-Palmolive turns to Iraklis “Kli” Pappas to drive employees toward using AI for more than just polishing emails.
AI, Funding, Global Security News, Venture
Kiwi startup Contented raises $3.5 million and now eyes Australian expansion
Contented, an AI workspace that turns conversations into business-ready documents, has successfully closed a near $3.5 million seed funding round led by Altered Capital, with backing from prominent Australian VCs Shearwater Capital and Exhort Ventures.