CleanFinder brings browser-based genome editing analysis to labs without coding

Genome editing lets scientists rewrite DNA, the instruction manual inside every living cell, with a precision that was unthinkable a generation ago. Technologies such as CRISPR have made this almost ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

With Just 1 Click, Researchers Figured Out How to Hijack Microsoft Copilot to Steal Your Data

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.
GitHub

Kernel Memory

This repository presents best practices and a reference implementation for Memory in specific AI and LLMs application scenarios. Please note that the code provided serves as a demonstration and is not ...