The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used AntV enterprise data visualization tool.
GitHub

Penhandev IP-Scanner

A fast, cross-platform CLI tool to check the reachability of IPs, CIDR blocks, IP ranges, domains, and URLs. --target ...-t "Use these targets I'm typing right now." Example: -t 1.1.1.1 github.com 8.8 ...
GitHub

DataForge — Autonomous Data Analysis Agent

Score: 6.5 / 9. The evaluation surfaced two critical gaps: (1) no self-verification protocol before pushing cards — errors in early steps could propagate silently; (2) no reasoning type taxonomy — ...