The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Unlock your Mac’s secret features for less than $26

With this app, you can reveal hidden files in Finder, clear logs and caches eating your space, batch convert images, and more ...
Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
The Next Web

Mozilla patched 271 Firefox bugs found by Anthropic’s Mythos, and says the zero-day era has an expiration date

Firefox 150 ships 271 bug fixes found by Claude Mythos Preview. Mozilla says the defects are finite. The UK AI Security Institute says the model can also attack autonomously.
XDA Developers on MSN

I gave Claude Code persistent memory and now it's unstoppable

Coding agents are like absent-minded professors, this fixes that gap ...
GameSpot

Escape From Tarkov Codes April 2026 For Free Weapons, Hideout Gear, Craftables, And More

Here are all the current active EFT codes to redeem from Battlestate Games’ website for free crafting gear and much, much ...
InfoWorld

The front-end architecture trilemma: Reactivity vs. hypermedia vs. local-first apps

Web developers are moving away from the library wars and into a world of architectural choice. It’s about where you want the ...
Dark Reading

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
Visual Studio Magazine

Visual Studio Code 1.117 Expands Copilot Controls for Business and Enterprise User

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.
XDA Developers on MSN

Every AI code editor wants to replace VS Code, but the smartest ones are just extending it

Embrace VS Code instead of fighting it ...
Visual Studio Magazine

Using Data API Builder to Speed Up Application Development

Microsoft's Data API Builder is designed to help developers expose database objects through REST and GraphQL without building a full data access layer from scratch. In this Q&A, Steve Jones previews ...