The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...
GitHub

cve-detection

AI-first security scanner with 74+ analyzers, 180+ AI agent security rules, intelligent false positive reduction. Supports all languages. CVE detection for React2Shell, mcp-remote RCE. A modular and ...
GitHub

cavernous-hoax-scanner

CHSAPI is a media-tech API platform that leverages JPEN stack technology to serve deepfake detection, image compressor, image converter, image to pdf etc utility. specifically made for Cavernous Hoax ...