The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
GitHub

Guidance for Multi-Agent Orchestration using Amazon Bedrock AgentCore on AWS

This Guidance demonstrates how to build and deploy multi-agent systems using Amazon Bedrock AgentCore and Strands Agents SDK. Traditional approaches to multi-agent systems require managing complex ...
press.aboutamazon

Reactor Emerges from Stealth with $59M to Build the Platform for Real-Time AI Worlds

Funding led by Lightspeed with participation from WndrCo, Amplify Partners and others, Reactor provides the infrastructure layer for real-time generative video SAN FRANCISCO, May 28, 2026 — Reactor, ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...