ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)

Six malicious npm packages impersonating Rollup polyfill tools stole developer credentials and enabled remote machine control. Security researchers at JFrog identified these Lazarus-linked attacks targeting VS Code, AWS, Azure, Google Gemini, Anthropic Claude, SSH keys, cryptocurrency wallets, and browser data before removing all six from the registry.
Tap to vote and see what everyone thinks.
Summary by ByteBrief