Stop managing vulnerabilities and start managing scanner assumptions

Run two industry-standard scanners on the same container image and you will get two entirely different answers.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Mini Shai-Hulud worm injects disk wiper into Microsoft Azure PyPI package

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...
Gov

From streets to recovery: Gov’t delivers livestock support, cash aid, livelihood packages under Pag-abot program

Zamboanga City — Across the Zamboanga Peninsula, street dwellers are being given a chance to start over through the government’s Pag-abot Program, which provides not only immediate assistance but also ...
GeekWire

Microsoft employees learn details of voluntary retirement package: Here’s what the company is offering

A Microsoft-branded beanie at the company store at the tech giant’s Redmond, Wash., headquarters. (GeekWire File Photo / Todd Bishop) Microsoft employees eligible for the company’s first-ever ...
The Verge

Here’s what Microsoft is offering long-serving employees to voluntarily retire

Some Microsoft employees will be offered a package of healthcare, cash, and stock vesting if they voluntarily retire. Some Microsoft employees will be offered a package of healthcare, cash, and stock ...

One tool call to rule them all? New open source Python tool Runpod Flash eliminates containers for faster AI dev

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential orchestration layer for the AI-first cloud.

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...
Bleeping Computer

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.3, ...
Saint Louis University

Package Pricing Now Available for Three CPHSJ Programs

New for the Fall 2026 semester, newly admitted students to the Saint Louis University Master of Science in Health Administration (M.S.H.A.), and Master of Health Administration (M.H.A.) programs will ...
Business Insider

Meta executives could make billions under a blockbuster Elon-style pay package

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. Meta's C-suite is set to score a big increase in their compensation — if the $1.5 trillion tech ...
KSTP-TV

Senate Democrats announce wide-ranging package aimed at preventing fraud

Senate Democrats on Tuesday announced a wide‑ranging package they say is designed to prevent fraud in state programs, strengthen oversight, and rebuild trust with Minnesotans who rely on those ...