Amazon says Russian-speaking hacker used AI to hit one of world's most deployed network firewalls in 5 weeks

A lone attacker, leveraging commercial AI tools, has breached over 600 organizations globally in just over a month.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...