IFA MagazineOpinion

FCA’s Mills review – firms must prioritise accountability, explainability and data governance as use of AI in financial services accelerates

Charlotte Byrne, UK AI Lead at global management and technology consultancy Capco, comments on the FCA’s Mills Review into ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Enovix outlines path to $400M smart eyewear battery TAM by 2030 as commercialization accelerates

Q4 2025 earnings call recap: record revenue, $621M cash, manufacturing progress, and 2026 smart eyewear/smartphone outlook—read now.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
SecurityWeek

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...