The Hacker News

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners. The package in question is eslint-plugin-unicorn-ts ...
The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...
CNN

Wall Street banks scramble to assess fallout from hack of real-estate data firm

Hackers stole a trove of data from a company used by major Wall Street banks for real-estate loans and mortgages, setting off a scramble to determine what was taken and which banks were affected, ...
Reuters

JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack, NYT reports

SitusAMC said in a statement, opens new tab on its website on Saturday that it had been the subject of a cyberattack on November 12, compromising certain information from its systems and that "data ...