The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
TechAnnouncer

Practical Cloud Automation Examples to Streamline Your Operations

Cloud automation uses software to handle tasks like setting up servers or deploying applications, cutting down on manual work ...
Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
腾讯网

Claude Code一夜重构,上线 Routines,现在关机也能修bug干活了

今天凌晨,Anthropic对Claude Code进行了全面重构 ,并发布了一个非常奈斯的功能—Routines(常规任务)。ps:顺便一提,业内小道消息也在传:Opus 4.7(代号 capybara-v2)本周也可能要发布!