Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
InfoQ

OpenAI Codex-Spark Achieves Ultra-Fast Coding Speeds on Cerebras Hardware

In a major shift in its hardware strategy, OpenAI launched GPT-5.3-Codex-Spark, its first production AI model deployed on ...
Design News

How I Built a Universal Push-Button Module Using Claude Code

Explore the future of embedded systems development with Claude Code. Learn how AI tools could deliver high-quality code faster.

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
MIT Technology Review

Just pull a string to turn these tile patterns into useful 3D structures

Inspired by the Japanese art of kirigami, an MIT team has designed a technique that could transform flat panels into medical devices, habitats, and other objects without the use of tools.
The BMJ

Adherence to legislation and recommendations to publicly post protocols and results of post-authorisation studies registered with European Medicines Agency: cross sectional study

Objective To assess whether post-authorisation studies registered with the European Medicines Agency (EMA) adhere to legislation and recommendations to publicly post study protocols and results.