The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Edge just got a useful AI tool that Chrome doesn't have - here's how to try it

Edge just got a useful AI tool that Chrome doesn't have - here's how to try it ...

Why is AI so bad at reading PDFs?

You just had to get lucky and hope that the document ID that you were looking at contains what you’re looking for,” said Igel ...
SecurityWeek

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.