Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
InfoQ

How WebAssembly Components Enable Safe and Portable Software Extensions

ABI and scripting to the Wasm Component Model (WASI Preview 2). He shares how to build secure plugin systems that run at near ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

The Lesson of A.I. Literacy Class: Don’t Let the Chatbot Think for You

Teachers say they want to equip high school students to drive artificial intelligence, rather than be mere passengers steered by chatbots.

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days later, they shipped Claude Code Security. Here's what reasoning-based ...