The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Google Glass Almanac

How North Korean hackers are exploiting blockchain to target crypto users

What makes this campaign so striking is not just the malware, but where it is being stored. By shifting malicious code into ...