The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
The Hacker News

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

August 2025 campaigns deliver kkRAT and Gh0st RAT variants via SEO poisoning, disabling antivirus to hijack crypto wallets.
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel self-replicating credential-stealing code in yet another wave of a supply chain ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
Security Boulevard

Detect Secrets in GitLab CI Logs using ggshield and Bring Your Own Source

Discover how to automatically detect secrets in GitLab CI logs using ggshield and GitGuardian's Bring Your Own Source ...

OpenAI Rolls Out GPT-5-Codex, a New AI Model to Take On GitHub Copilot and Cursor

OpenAI has introduced GPT-5 Codex, a cutting-edge coding AI designed to rival GitHub Copilot and Cursor AI. With improved code generation, debugging, and context understanding, GPT-5 Codex sets a new ...

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)This week in AI updates: OpenAI Codex updates, Claude …

The company released GPT-5-Codex, a variant of GPT-5 that is optimized for Codex, OpenAI’s AI coding agent. It was trained on ...

Google's new Agent Payments Protocol (AP2) allows AI agents to complete purchases — is your enterprise ready?

Agent Payment Protocol, a new open source standard from Google and 60 other payment players, aims to make transactions made ...
Analytics Insight

How to Get Your Gemini API Key Fast (Step-by-Step Guide for Beginners)

Overview: Gemini API keys allow easy access to AI-powered tools and integrations.Beginners can generate a key in just a few ...

I got 4 years of product development done in 4 days for $200, and I'm still stunned

Can $200 buy years of productivity? My latest AI experiment turned side projects into full products almost overnight, and the possibilities suddenly seem endless.