The Hacker News

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Malicious npm package downloaded 676 times stole Claude AI files via GitHub uploads, increasing AI-driven malware risks.
The Hacker News

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

MuddyWater targeted 9 organizations in 9 countries during Q1 2026, using DLL side-loading to steal data and evade detection.
GitHub

csv_sql_query.py

A Dify tool that executes SQL on an uploaded CSV and returns results in either JSON or Markdown format. Uses DuckDB for fast in-memory querying (no disk I/O).