Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
WinBuzzer

Anthropic Leaks Claude Code Source via Npm Source Map

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

Entire Claude Code CLI source code leaks thanks to exposed map file

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been ...
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...
GitHub

Extremely simple way to clean your postgres database.

You need to clean database after your test cases, you can do it simply with only one call. type - 'truncate' - DEFAULT: use truncate to clear all tables in database and restart sequences - 'delete' - ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
GitHub

pull-request-automation

Kubernetes orchestrator that dispatches AI coding agents (Claude Code · Codex · Aider) from GitHub issue labels. and delivers pull requests. Fully self-hosted on k3s, zero vendor lock-in. Automate ...
The Clarion-Ledger

OrgFlow Launches Managed Repositories to Simplify Salesforce DevOps for All Teams

New feature removes the requirement for external Git accounts, allowing Salesforce teams to automate deployments and version control with zero initial setup. Managed ...