TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO - The Hacker News - HEAL Security Inc. - Cyber Threat Intelligence for the Healthcare Sector

Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication

A critical vulnerability chain in Splunk Enterprise has been disclosed, enabling unauthenticated attackers to achieve remote code execution (RCE) through a misconfigured PostgreSQL sidecar service.

Screwworm spread tests US readiness after Trump staffing cuts

The U.S. spent decades driving the New World screwworm far into South America. But now the parasite has reemerged, and officials are working to beat it back

New Agentjacking Attack Hijacks AI Coding Agents to Execute Malicious Code

A newly disclosed Agentjacking attack class can silently weaponize AI coding agents against the very developers who rely on them, requiring no phishing, no server

Journalists Highlight Medical Neglect in ICE Detention, RFK Jr. Antidepressant Comments

KFF Health News chief Washington correspondent Julie Rovner discussed Health and Human Services Secretary Robert F. Kennedy Jr.’s position on antidepressants on WAMU’s 1A on

News and Analysis