SECURITYTHE HACKER NEWS
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
A mail server flaw was under active use and a network control system was targeted, resulting in poisoned trusted packages and a fake model page pushing a stealer. The pattern of exploiting weak dependencies to gain cloud access is clear. This has led to ransom claims and potential production compromises.