Supply chain worm with its own MCP server spreads via GitHub

A new malware is circulating in the npm ecosystem, stealing credentials and CI secrets and spreading autonomously.
Seeking Alpha

RPC Ridgepost Capital, Inc

Ridgepost Capital, Inc. operates as a multi-asset class private market solutions provider in the alternative asset management industry in the United States and Dubai. The company’s portfolio of ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...