The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

U of M invests in women's basketball program, new coach Hana Haden

Preview this article 1 min The University of Memphis women's basketball team hasn't made the NCAA Tournament since 1998.
CSO Online

Microsoft says web-enabled AI agents can trigger host-level RCE

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...

Corporate Counsel Awards 2026: Mercy legal leader tackles AI as healthcare innovation creates new design challenges

The vice president and assistant general counsel at Mercy manages regulatory risks for artificial intelligence and digital ...

These fake AI ads are perfectly soulless

Another advertises a faux company that recently rebranded. “Zipline is now Froggle,” the ad says matter-of-factly. “The cloud ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...
Cult of Mac

10 features in macOS Golden Gate that Apple barely mentioned

OS 27 is packed with hidden features — which will make your daily life on the Mac all the better. Here are the 10 best.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Next Web

Henrique Schmaiske and the human work behind Meteor 3.0

Meteor CTO Henrique Schmaiske led the framework's largest release in over a decade, removing Fibers and migrating to async/await across 2,300 commits while keeping 500,000+ active installations stable ...
The Caledonian-Record

With Trump in a holding pattern on Iran war, allies and critics worry he risks getting boxed in

President Donald Trump insists he's comfortable with the current holding pattern in the Iran war. But the Republican president faces warnings from foes and allies alike that he’s getting boxed ...

For people in Detroit and Windsor, Gordie Howe bridge delay fits a familiar – and frustrating – pattern

The international bridge whose opening was abruptly cancelled this week has long been fought against by the billionaire ...