The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Smart Banner Hub Opens Clustrauth™ API — Quantum-Safe Document Signing for Developers at $5 Per Signature

New REST API gives developers programmatic access to NIST FIPS 204 post-quantum document authentication — sign any ...
TMCnet

Weaviate Launches Agent Skills to Empower AI Coding Agents

Bob van Luijt, Co-Founder and CEO of Weaviate—which he launched as an open-source vector search engine in March 2019—shared ...
Opinion

Opinion: Moltbook’s 'vibe-coded' breach is the future of security failures

Earlier this month, the now viral social network Moltbook exposed 1.5 million API authentication tokens and 35,000 email addresses within days of launch. The cause: a single misconfigured database ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
SpeedwayMedia.com

PrimeARB AI vs Manual Trading: 30-Day Performance Comparison

PrimeARB AI is a tool for systematic earnings on real market inefficiency. Returns of 8-15% monthly (balanced mode) ...

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

OpenAI deploys Cerebras chips for 'near-instant' code generation in first major move beyond Nvidia

OpenAI launches GPT‑5.3‑Codex‑Spark, a Cerebras-powered, ultra-low-latency coding model that claims 15x faster generation speeds, signaling a major inference shift beyond Nvidia as the company faces ...

OpenAI sidesteps Nvidia with unusually fast coding model on plate-sized chips

OpenAI has spent the past year systematically reducing its dependence on Nvidia. The company signed a massive multi-year deal ...

OpenAI upgrades its Responses API to support agent skills and a complete terminal shell

With OpenAI's latest updates to its Responses API — the application programming interface that allows developers on OpenAI's platform to access multiple agentic tools like web search and file search ...
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...