This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.

A quiet compromise of a popular open-source coding editor has turned into one of the most unsettling software supply-chain ...

Chinese hackers compromised Notepad++ updates for six months, deploying a backdoor to selectively target users in government and critical infrastructure sectors..

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Google updated its JavaScript SEO best practices document with a new section on how to set the canonial URL when using JavaScript. Google wrote, "The best way to set the canonical URL is to use HTML, ...

Google updated its JavaScript SEO documentation to warn against using a noindex tag in the original page code on JavaScript pages. Google wrote, "if you do want the page indexed, don't use a noindex ...

Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale. BlackForce, ...

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of ...

Why it matters: JavaScript was officially unveiled in 1995 and now powers the overwhelming majority of the modern web, as well as countless server and desktop projects. The language is one of the core ...

Microsoft has launched AI agents for Word, Excel, and PowerPoint. The agents are available for business and individual subscribers. Now accessible on the web, the agents will expand to the desktop.