Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Graham CluleyOpinion

Smashing Security podcast #469: What your Oura ring won’t tell you

CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a ...
JD Supra

Five Federal Cases Health Care and Life Sciences GCs Should Continue to Watch in 2026

In 2026, several federal cases are poised to shape regulatory risk, reimbursement, and False Claims Act exposure, as well as innovation ...