The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...
Priority Pixels

WordPress Under Pressure: Why Your Site’s Performance Is Secretly Tanking (And How to Fix It)

WordPress powers a significant share of the web, and for good reason. It is flexible, well supported and capable of handling everything from a simple brochure site to a full ecommerce platform. But ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...