Bleeping Computer

Unofficial Postmark MCP npm silently stole users' emails

A npm package copying the official ‘postmark-mcp’ project on GitHub turned bad with the latest update that added a single line of code to exfiltrate all its users' email communication. Published by a ...
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services ...
GitHub

Add aws_lakeformation_lf_tag_value resource to manage a single tag value

This resource manages a single value within a Lake Formation tag: it checks whether a value exists within the values of an already existing tag, and then decide whether to add (when creating) it or ...
InfoQ

AWS Integrates LocalStack with VS-Code Toolkit to Streamline Serverless Development

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
The Times Leader

EMA urges residents to sign up for Code Red alerts

T-L Photo/GAGE VOTA Belmont County Emergency Management Agency Director Dave Ivan says that roughly 50% of Belmont County is signed up for the Code Red alert system but he believes 100% should be ...
Aviation Week

Malaysia Airlines, Qantas Sign Codeshare Deal

Malaysia Airlines and Qantas have reached a new codeshare agreement that will expand network opportunities for both carriers. Under the deal, announced Sept. 17, Qantas will place its code on ...
The Hacker News

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed ...