The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to China-based servers.
Visual Studio Magazine

What a Difference a VS Code Fork Makes: Antigravity, Cursor and Windsurf Compared

VS Code forks like Cursor, Windsurf, and Google Antigravity may share a common foundation, but hands-on testing shows they ...

Criminal investigation into Fed chair Powell has ‘reinforced’ concerns over independence, Goldman Sachs warns, as dollar weakens – as it happened

Rolling coverage of the latest economic and financial news ...
Matchups

Quels mods utiliser et comment les installer dans Hytale

Le RPG sandbox Hytale est sorti en early access, mais quelques mods sont déjà disponibles. Voici notre sélection de ceux qui nous semblent être les plus pertinents. Hytale est disponible en accès ...
journaldunet.com

Tutoriel : comment installer son propre ChatGPT gratuit en quelques minutes sur son ordinateur

La nouvelle interface graphique de llama.cpp permet de configurer en quelques minutes une interface ChatGPT like en local sur son ordinateur. 2026 sera-t-elle l'année de l'IA on-device? La fin d'année ...

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
The Caledonian-Record

Officials install duck warning sign in spot with no ducks

A 7k road sign warning motorists that ducks may be crossing the road has surprised villagers - as they've never seen one in the area and they don't have a pond. Residents of Daws Heath, in Essex, ...
InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a malicious ‘.npmrc’ can override the git binary path, leading to full code ...

Peeping Tom subscribed to hotel spycam porn site – and sees himself having sex

The scourge of secret spycams hidden in hotel rooms has become so widespread in China that people are sharing tips on social ...