New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...
Computer Weekly

DBS rewires operating models for AI reasoning era

The bank expects AI tools to evolve from being a copilot to an autopilot as it undergoes organisational transformation to prepare its workforce for agentic AI ...
Nasdaq

Nasdaq Verafin 2024 Global Financial Crime Report

This report brings together expert research and data, industry perspectives, and the voices of survivors, providing a unique view into the scope and impact of financial crime – and the scale of ...