Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
SecurityWeek

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub ...
ZDNet

How to get your files off an Android phone with a broken screen - for free

Roku TV vs Fire Stick Galaxy Buds 3 Pro vs Apple AirPods Pro 3 M5 MacBook Pro vs M4 MacBook Air Linux Mint vs Zorin OS 4 quick steps to make your Android phone run like new again How much RAM does ...
GitHub

IW4x: Rawfiles

These are the rawfiles that are required (next to iw4x.dll) to launch and play IW4x. .iwd Files (iw4x_00, iw4x_01, ...) are uncompressed in this repo and need to be compressed before they can be used ...
GitHub

PYTHON_LSP_PLAN.md

Type representation internal/cbm/lsp/type_rep.{c,h} CBMType tagged union (NAMED, POINTER, SLICE, MAP, CHANNEL, FUNC, INTERFACE, STRUCT, BUILTIN, TUPLE, TYPE_PARAM ...