The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Violence erupts in Mexico after drug lord El Mencho killed

The death of the most-wanted Jalisco cartel chief sparks retaliatory violence in at least a dozen states in Mexico.

Tyler Reddick wins at Atlanta to give Michael Jordan second straight NASCAR Cup victory

HAMPTON, Ga. (AP) — Whether on or off the racetrack, all Michael Jordan does is win in NASCAR. For the second consecutive ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.

Complexity often signals fear, or why boring investing strategies work best

For investors, the temptation to outsmart the market is constant. Complex trading strategies, hot stock tips and sophisticated portfolio tactics promise superior returns. But decades of evidence tell ...