Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...
HackadayOpinion

How Vibe Coding Is Killing Open Source

Does vibe coding risk destroying the Open Source ecosystem? According to a pre-print paper by a number of high-profile ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Vybe Guide Launches as the Definitive Open Source Discovery Platform for Vibe Coders and AI-Assisted Developers

New platform indexes over 50,000+ open source projects with daily AI-powered updates, positioning itself as the go-to ...
InfoWorld

Apiiro’s Guardian Agent guards against insecure AI code

Application security agent rewrites developer prompts into secure prompts to prevent coding agents from generating vulnerable ...
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...
Visual Studio Magazine

Buzz About VS Code Extension for Codebase Visualization

A new Visual Studio Code extension called Nogic sparked a wide-ranging Hacker News discussion, with commenters praising its graph-based approach to understanding complex codebases while also raising ...

So yeah, I vibe-coded a log colorizer—and I feel good about it

Oh, sure, I can “code.” That is, I can flail my way through a block of (relatively simple) pseudocode and follow the flow. I ...
The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

Simulations and supercomputing calculate one million cislunar orbits

Satellites and spacecraft in the vast region between Earth and the moon and just beyond—called cislunar space—are crucial for ...