The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
XDA Developers on MSN

Your Chrome new tab page is a vibe coding project waiting to happen

The least exciting page in your browser is also the easiest one to vibe-code.
CSOonline

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that ...

Popular open-source editor Zed hits 1.0 with DeepSeek-V4 support and major fixes

Created by the minds behind Atom, Zed 1.0 is officially ready for prime time. Discover how the latest update improves ...