The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Anthropic Tool Calling Updates Cut Tokens 30–50% in Multi-Step Agent Tasks

Anthropic updates tool calling to reduce token use; tool search cuts tokens up to 80%, making larger tool sets practical.

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
GitHub

GitHub - iammorpheuszion/epstein-files-downloader-cli-efdl: EF-DL - CLI tool to automate the downloading of the latest Epstein Files by search term (Must be 18+ years of age to ...

Features Live Up-To-Date Downloads: Fetches the latest files directly from the DOJ portal in real-time (no reliance on outdated or torrented datasets) Search Portal Integration: Download by search ...
GitHub

agentic-dev-io/agent-farm

agent-farm/ ├── src/agent_farm/ # Main Python package │ ├── main.py # Entry point, MCP server initialization │ ├── spec_engine.py # Spec Engine class (central component) │ ├── orgs.py # Organization ...