The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.
Tech Times

Notion Opens Workspace to Claude Code, Cursor, and Codex as Native AI Agents

Notion AI agents workspace now includes Claude Code, Cursor, and OpenAI’s Codex as native participants via the new External ...
InfoQ

Google Expands SynthID Adoption for AI Watermarking, Previews Content Detection API

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...