The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
thetechedvocate.org

How to use Twitter API

The Twitter API is more than just a gateway to tweets; it’s a powerful tool that enables developers to access Twitter data and integrate its functionalities into their applications. This Twitter API ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
InfoQ

Azure Functions Ships Serverless Agents Runtime at Build 2026

Azure Functions shipped a serverless agents runtime in public preview at Build 2026. Agents are defined in .agent.md markdown ...
GitHub

Atlassian Sourcetree – Visual Desktop Git and Mercurial Client

Sourcetree is a full-featured desktop graphical interface designed to simplify how engineers interact with decentralized version control systems. Software developers, system architects, and release ...
Wired

SpaceX IPO Filing Reveals Anthropic Is Paying $15 Billion a Year to Access Its Data Centers

The long-awaited documents SpaceX filed with US regulators Wednesday included details about a lucrative deal to lend GPUs to a major AI rival. Anthropic has agreed to pay SpaceX $1.25 billion per ...
TechCrunch

GitHub says hackers stole data from thousands of internal repositories

GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said ...
Ars Technica

FBI seeks US-wide access to license plate cameras, wants “data in near real time”

The Federal Bureau of Investigation announced plans to buy nationwide access to a network of license plate readers, saying it will award contracts to one or more vendors that can offer “near real time ...
CoinTelegraph

GitHub investigates unauthorized access to internal repositories

GitHub said the activity involved the exfiltration of about 3,800 internal repositories, and it removed the malicious code extension. GitHub said on Wednesday it is investigating unauthorized access ...
Phys.org

UK's national soil database released as open-access repository

Cranfield University has launched a new soil and environmental online database and mapping tool, opening up detailed information about land in England and Wales. In collaboration with Defra, Cranfield ...
Morningstar

DBmaestro Introduces Agentic Database DevOps with MCP Server

ORLANDO, Fla., April 7, 2026 /PRNewswire/ -- DBmaestro, the leading database DevSecOps platform, today announced the launch of its Model Context Protocol (MCP) server, making DBmaestro the first ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...