资讯

For September, Patch Tuesday means fixes for Windows, Office and SQL Server

This month’s collection of fixes from Microsoft includes 86 patches — but at least there were no zero-day bugs.
Securities.io3 天

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

.NET 10 Release Candidate 1: Follow-up for Entity Framework Core

Microsoft ORM Mapper learns column types Vector and JSON in Microsoft SQL Server 2025. At the same time, there is a first ...
GitHub3 天

sylphxltd/pdf-reader-mcp

Empower your AI agents (like Cline) with the ability to securely read and extract information (text, metadata, page count) from PDF files within your project context using a single, flexible tool.
Security Boulevard5 天

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...