‘TrapDoor’ malware targets crypto dev tools in supply chain attack

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Anthropic Just Bought a Developer Tool Used by OpenAI, Google

Anthropic acquired SDK startup Stainless, signaling a deeper push into developer tooling as AI labs compete beyond model ...

Anthropic has acquired the dev tools startup used by OpenAI, Google, and Cloudflare

Stainless, a New York-based startup, founded in 2022, rose to prominence in the emerging AI industry for automating the ...
The Hacker NewsOpinion

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited ...
InfoQ

OpenAI Introduces Websocket-Based Execution Mode to Reduce Latency in Agentic Workflows

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
marktechpost

Beyond Simple API Requests: How OpenAI’s WebSocket Mode Changes the Game for Low Latency Voice Powered AI Experiences

In the world of Generative AI, latency is the ultimate killer of immersion. Until recently, building a voice-enabled AI agent felt like assembling a Rube Goldberg machine: you’d pipe audio to a Speech ...
WebMD

What to Know About an Orbital Socket Fracture

The orbital (eye) socket is a set of bones that surround and protect your eye. The bones around the eye form the walls and floor — sides and bottom — of the orbital socket and vary in thickness. The ...