Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Princeton University

Outdoor Action Guide to Developing a Safety Management Program for an Outdoor Organization

This article is designed to provide a short outline of the areas that should be evaluated in order to develop a comprehensive Safety Management Program for your organization. [Note: A number of legal ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...