The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
InfoWorld

As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures. As AI coding assistants accelerate software ...

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
Outlook Business

A Million Projects: The Proof Behind Ulipsu’s Skill Education Model

Ulipsu’s embedded skill education model has enabled over a million student projects across 350+ schools in India and abroad.
MacStories

Introducing Shortcuts Playground: Create Apple Shortcuts with Claude Code or Codex

Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for ...
TMCnet

Hadrian Releases OpenHack, Democratizing AI Vulnerability Discovery

Hadrian today released OpenHack, a tool for AI-powered source code review that delivers high-quality results at a fraction of the cost ...
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...

Anthropic Acquires Stainless to Strengthen AI SDK Infrastructure

Anthropic’s acquisition of Stainless highlights a growing AI infrastructure battle centered on SDKs, agent connectivity, APIs ...

Sigma Computing seals $80M funding round as it pivots toward ‘agentic analytics’

Cloud-native data analytics startup Sigma Computing Inc. has closed on an $80 million Series E funding round that doubles its ...
techzine

It’s raining Linux vulnerabilities: what’s going on?

In recent weeks, alarm bells have been ringing repeatedly over critical vulnerabilities in the Linux kernel. Why is that? Do we have AI to thank for these discoveries? And should we expect similar ...