The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
techtimes

OpenAI Codex Automation Gains Record and Replay: Show It Once, Skip the Script

OpenAI has added a feature to its Codex macOS app that changes the barrier to AI-powered automation: instead of writing a prompt or configuring a workflow, a user performs a task while Codex watches, ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...
CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Soompi

Watch: Ji Sung, Ha Yun Kyung, And More Test Chemistry At Script Reading For New Drama "The Apartment Job"

JTBC’s upcoming drama “The Apartment Job” has shared a glimpse of its first script reading session! “The Apartment Job” follows former gangster Hae Kang as he runs for apartment association president ...
InfoQ

NodeJS Proposes Built-In Virtual File System, Sparking Debate over AI-Generated Contributions

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
TweakTown

Intel's 14A node will enter risk production in 2028, while 10A and 7A nodes are on the roadmap

Use left and right arrow keys to seek audio. It looks like the Foundry is up and running like a well-oiled machine, since Intel CEO Lip-Bu Tan has confirmed that the company is on track to meet its ...
Bleeping Computer

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The node-ipc ...
Polygon

Pokémon Red and Blue manga returns this fall with a deluxe rerelease

The classic Pokémon comic series Pokémon Adventures returns this fall with a deluxe rerelease, publisher Viz Media and Simon & Schuster announced this week. Pokémon Adventures: Red and Blue Deluxe ...
The New York Times

After 43 Years, an Unproduced Larry David Script Surfaces Online

“Prognosis: Negative” was too dark for its time, but its title became a running “Seinfeld” joke and its premise set the table for “Curb Your Enthusiasm.” In “Prognosis: Negative,” a Larry David ...