Resources for this episode available at 505updates.com.

From Edwin Kwan in Sydney, Australia: The JavaScript NPM registry has a manifest confusion vulnerability which can allow the installation and execution of malicious files without the user's knowledge. 

From Ian Garrett in Arlington, Virginia: Microsoft Sysmon just got a beefy upgrade. Sysmon is a free Microsoft Sysinternals tool that can monitor and block malicious or suspicious activity and log events to the Windows event log.

From Katy Craig in San Diego, California: There's a new process injection technique that could give threat actors a way to bypass security solutions and wreak havoc on compromised systems. 

From Marcel Brown in St. Lous, Missouri: The iPhone turned out to be the computing device that we all wished we had, yet didn't know what we were missing until we had one. It has literally impacted nearly every aspect of our society, and it is no stretch to say that the iPhone has changed the world.

From Sourced Network Production in New York city. "It's 5:05". I'm Pokie Huang. Today is Thursday, June 29th. Here's the full story behind today's cyber security and open source headlines...