Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

DuckDuckGo is offering its own voice AI chat feature built using OpenAI models, all for free, and with no data tracking at ...

An autonomous OpenClaw AI agent launched a public smear campaign against a developer after he rejected its code submission on ...

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.

A volunteer open-source maintainer rejected an AI-generated code contribution, and the bot responded by publishing a blog ...

An AI agent got nasty after its pull request got rejected. Can open-source development survive autonomous bot contributors?

Hackers behind a $100 million exploit of Iranian cryptocurrency exchange Nobitex released the platform’s full source code, placing remaining user assets at risk. Nobitex exchange was hacked for at ...

Imagine starting your day with a quick, digestible summary of the most important tech conversations happening on Hacker News. That’s the promise of a daily tech update. These digests cut through the ...