The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
GitHub

NewsCatcher News API V2 SDK for Python

The official Python client library to manipulate NewsCatcher News API V2 from your Python application. Documentation is identical with the API documentation. The same parameters and filters are ...
GitHub

CEO-Bench: Can Agents Play the Long Game?

CEO-Bench: Can Agents Play the Long Game? . Contribute to zlab-princeton/ceobench-src development by creating an account on GitHub.
CSO Online

Google’s Vertex AI SDK could allow RCE through bucket squatting

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...