The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

AI-based VS Code forks recommended unclaimed extensions, allowing malicious uploads in Open VSX and risking developer systems ...

The creator of Claude Code just revealed his workflow, and developers are losing their minds

Claude Code creator Boris Cherny reveals his viral workflow for running multiple AI agents simultaneously—transforming how ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
HackadayOpinion

GitHub Disables Rockchip’s Linux MPP Repository After DMCA Request

Recently GitHub disabled the Rockchip Linux MPP repository, following a DMCA takedown request from the FFmpeg team. As of ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
AdExchanger

Pinterest-Owned tvScientific Gets Closer To The Bidstream With OpenX’s New API Suite

OpenX's new API suite provides ad buyers with a more detailed view of the bidstream and, as a result, more accurate targeting ...