The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

Malicious Chrome Extensions found on Web Store, Over 1 lakh users at risk: Remove now

Security researchers have discovered several malicious Chrome extensions on the official Chrome Web Store that can steal user data and compromise privacy. Some of these extensions are still available ...
Cyber Daily

Hacked: US cyber agency adds six vulnerabilities to known-exploited listing

Microsoft zero-day vulnerability added to KEV Catalog alongside SmarterTools SmarterMail authentication bypass bug and ...

OpenAI spills technical details about how its AI coding agent works

On Friday, OpenAI engineer Michael Bolin published a detailed technical breakdown of how the company’s Codex CLI coding agent ...

What to know about a French ex-senator on trial for drugging a lawmaker to sexually assault her

In the wake of the Pelicot trial, France adopted a new law in October 2025 defining rape and other sexual assault as any ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.