Market Factors: Bank outlook uninspiring, rotate to financial sector laggards

This Market Factors starts with a CIBC analyst’s heretical idea to take some profits on bank stocks and buy lagging ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

‘Tasting the Great Lakes isn’t just dining’

Ontario has the good fortune of being bordered by four of the five Great Lakes, not to mention being home to 250,000 ...

Fred Rogers Productions starts official Mister Rogers YouTube channel

Fred Rogers Productions launched an official YouTube channel for the iconic series, offering full episodes, archival footage ...
Cryptopolitan on MSN

IronWorm malware plants rootkit in Arweave ecosystem npm libraries

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...
Queerty

Madonna’s “Love Sensation” has us revisiting the 1980 disco classic that inspired generations of dance floor euphoria

Moving into the ’90s, acts like Black Box and Marky Mark and the Funky Bunch reimagined the track and Holloway’s vocals — ...
Opinion
HackadayOpinion

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
The Business Journals

Future-proofing Southern California businesses in the new hard tech environment

To continue reading this content, please enable JavaScript in your browser settings and refresh this page. Over the past decade, software companies have driven market ...