The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Kiteworks Launches Compliant AI—the Industry’s First Data-Layer Compliance Solution for AI Agent Governance

Solution enforces ABAC, encryption, and audit logs for every AI agent interaction with regulated data—independent of ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
GitHub

Vectra: local, file‑backed vector database for Node.js

You have a small, mostly static corpus (e.g., a few hundred to a few thousand chunks). You want zero‑infrastructure local retrieval with fast, predictable latency. You’re assembling “infinite few‑shot ...

Bluente Launches Open-Source MCP Server, Bringing Format-Preserving Document Translation Directly Into AI Workflows

New integration lets AI agents translate documents across 120+ languages without leaving the tools developers and ...
GitHub

eslint-types/eslint-define-config

Plugins can either support their own types, or they could be supported by the community in the @eslint-types repository. A list of community supported plugins can be found here.