Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
GitHub

modaic-ai/gepa-viz

Live visualization for GEPA prompt-optimization runs. Renders the candidate tree as a force-directed graph so you can watch prompts evolve over a pareto frontier in real time. Big nodes are candidates ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
autoevolution

3D Renderings of future car models or just concepts

1 Jun 2026, 01:00 UTC · By: Aurel Niculescu // Uygar, a "professional daydreamer" based in Turkey and known as 'uygarspots' on social media, has taken note of the all-new commotion around Ferrari ...