The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Cyber Daily

Essential advice: Is your digital lifestyle making you prone to an infostealer attack?

Experts have identified the three digital lifestyles most targeted by cyber criminals – here’s what they are, and what you can do to stay safe.

Firefox 148 adds AI kill switch, fixes 50+ security flaws

PCWorld highlights that Mozilla’s Firefox 148 update addresses over 50 security vulnerabilities, including high-risk memory ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Array, Shoals upgraded at BNP Paribas as utility-scale solar growth accelerates

BNP turns bullish on U.S. utility-scale solar, upgrading ARRY/SHLS and backing FSLR as capacity adds surge and tariffs shift.

Profiling Reactor Technology: Westinghouse And Oklo

The nuclear renaissance makes for an exciting investing opportunity. Two oft-discussed reactor developers are Westinghouse ...
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...
How-To Geek on MSN

5 underrated open-source dev tools that will supercharge your workflow

Bruno, Fx, ActivityWatch, DDEV, and TLDR Pages are all dev tools that you should try out because they're much better than people give them credit for.
Technobezz on MSN

Firefox 148 launches with a single toggle to disable all AI features

Firefox 148 introduces a one-click toggle to disable all AI features, addressing privacy concerns and giving users full ...