Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
PCMag

2.7M Employee Records Stolen, 100GB of Anime Fan Data Lost, and Millions of Crime Tips Leaked

Hackers hit a benefits provider, an anime streaming service, and a crime tip platform—exposing millions of sensitive records.

A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.
WinBuzzer

90% of Claude Code Output Lands in Low-Star GitHub Repos

Anthropic's Claude Code has surpassed 20 million GitHub commits, but 90% of output has landed in repos with fewer than two ...
The Hacker News

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...
GitHub

Financial Datasets MCP Server

This is a Model Context Protocol (MCP) server that provides access to stock market data from Financial Datasets. It allows Claude and other AI assistants to retrieve income statements, balance sheets, ...