AI wrote the code. You got hacked. Now what?

Security risks from AI-generated code are real—but with the right guardrails, teams can use AI to move faster.

I customize Windows 11 in seconds with vibe-coded AI scripts. Here’s how

You can now take advantage of this classic Windows scripting tool even if you have zero programming experience.

NPM flooded with malicious packages downloaded more than 86,000 times

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 ...

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...