A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...
Congress’s largest conservative caucus, the Republican Study Committee (RSC), unveiled the framework for what its leaders hope will be the starting point for the second reconciliation bill to pass the ...
The Game Package Manager, launched April 28, 2026, replaces the long-standing 'Packages' module in Microsoft Partner Center. It consolidates uploading, bug fixing, update approvals, and live ...
Xbox has announced it is rolling out a new Game Package Manager for all Xbox developers currently configuring or adding new products to publish to Xbox. This replaces the current Microsoft Partner ...
Following NVIDIA's announcement of the GeForce RTX 5070 12GB laptop GPU, Framework is adding it as a new Graphics Module for the Laptop 16. However, ...
Senate Republicans released the text of a budget resolution to fully fund two controversial immigration enforcement agencies at the heart of the ongoing Department of Homeland Security shutdown. The ...
The ongoing RAM crisis and global supply chain woes have meant the PC industry is taking it from all sides. Framework, the maker of ultra-customizable and repairable laptops, has come out and said ...
Microsoft says Agent Framework 1.0 is the production-ready release, with stable APIs and long-term support for both .NET and Python. The framework is presented as a unified successor path that builds ...
Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...