Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
CNET

Your Brain Is a Better AI Detector Than Any Tool Out There. Here's How to Use It

AI is now seemingly the ultimate "work smarter, not harder" shortcut, and nowhere is that more obvious than in the classroom and in some workplaces. While tools such as ChatGPT are great for writing ...

Solution To The Curious Mystery Of Why AI Keeps Inventing The Same Fake Names Over And Over Again

Curious mystery exists of why popular AIs create fake names of a persistent nature. Turns out its about statistics. An AI ...
Nature

Base editing of trinucleotide repeats that cause Huntington’s disease and Friedreich’s ataxia reduces somatic repeat expansions in patient cells and in mice

The direct installation of A•T>G•C interruptions using this delivery method at pathogenic-length FXN alleles significantly reduces GAA repeat size by limiting repeat expansions and inducing repeat ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...