Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
Tech Times

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
InfoWorld

Attack targeting OpenAI Codex users exposes AI software supply chain risks

The incident highlights how attackers can hide malicious code in software packages that differ from the source code available ...
Martin Cid Magazine

Malicious code hid inside Red Hat’s npm packages and spread to steal cloud keys

Security researchers found malicious code buried inside more than 30 of Red Hat's official software packages, built to ...
InfoQ

Claude Code Adds Dynamic Workflows for Parallel Agent Coordination

Anthropic introduced Dynamic Workflows, a new capability for Claude Code designed to handle complex software engineering ...
The Caledonian-Record

MicroCloud Hologram Inc. Launches Customizable Quantum Simulation Dedicated Architecture

MicroCloud Hologram Inc. (NASDAQ: HOLO), (“HOLO” or the “Company”), a technology service provider, announces that, through dedicated processor hardware constructed using pure ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Memeburn

Claude Opus 4.8: Anthropic Launches Its Most Capable AI Model Yet With Dynamic Workflows and Agent Swarms

Anthropic releases Claude Opus 4.8 with dynamic workflows, 1,000 parallel subagents, and 3x cheaper fast mode. Here's what ...

How to reduce the costs of web scraping through high success rates

Tiger Woods has long said that winning takes care of everything, and the same certainly applies to web scraping. When your scrapers avoid hitting anti-bot walls or being served CAPTCHAs, you can meet ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.