Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Israel and Hezbollah agree to ceasefire after fighting postpones U.S.-Iran talks

Iranian officials didn’t travel as planned to Switzerland, insisting that fighting in Lebanon must stop before talks can take place, officials say ...

Iran deal ‘architect’ JD Vance risks the fury of GOP hawks

As news of a deal to end the Iran war broke on Sunday, Republican hawks could not believe their ears. After weeks of going to ...
The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 145 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have ...
InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...

Daily Search Forum Recap: June 17, 2026

Here is a recap of what happened in the search forums today, through the eyes of the Search Engine Roundtable and other search forums on the web. We are seeing heated Google Search ranking volatility ...

Video: Trump claims 'no limits' to his power after Iran supreme leader says deal made from 'desperation'

U.S. President Donald Trump said there were 'no limits' to his power in an interview with Axios despite in remarks that come amid a fragile diplomatic situation over Iran and a ceasefire in Lebanon.
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, ...