InfoQ

GitHub Actions Custom Runner Images Reach General Availability

GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview ...
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Karpathy shares 'LLM Knowledge Base' architecture that bypasses RAG with an evolving markdown library maintained by AI

Karpathy proposes something simpler and more loosely, messily elegant than the typical enterprise solution of a vector ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
PCMag

Operating System News

Microsoft is also updating the Windows Security app with a status indicator that will let users know whether their Windows 10 and 11 installations have the latest Secure Boot certificates.

Cisco patches partly critical vulnerabilities in several products

On Wednesday, Cisco issued nine security advisories. They address partly critical vulnerabilities in several products.