The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Outreach AI Now Powered by ZoomInfo's GTM.AI as the GTM Context Layer for Sales Agents

ZoomInfo has connected its verified GTM intelligence into Outreach AI, giving every Outreach agent company and contact data through a native ...
Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...
GitHub

nelladath/Intune-Patch-Compliance-Reporter

PowerShell script to generate Windows Patch Tuesday compliance reports from Microsoft Intune. Supports CSV file input or Azure AD security group via Graph API. No hardcoded IDs — fully UI-driven. - ...
GitHub

Microsoft Graph JavaScript Client Library

The Microsoft Graph JavaScript client library is a lightweight wrapper around the Microsoft Graph API that can be used server-side and in the browser.