After cyberattacks: TanStack considers restrictions for pull requests

TanStack tightens security measures after supply chain attacks. Pull requests may soon only be possible by invitation.
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
The Hacker News

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...
CNET

Did Chrome Just Install a Massive AI Model on Your Device Without Telling You? Yes, Probably

A 4GB file called weights.bin may be sitting on your hard drive right now, put there by Chrome without your knowledge.
How-To Geek on MSN

My dream Google Chrome extension didn't exist, so I vibe coded it with Claude

Your dream product could be a few prompts away.