GitHub

A Reactive CLI that generates commit messages for Git and Jujutsu with Ollama, ChatGPT, Gemini, Claude, Mistral, and other AI

⚠️ For npm installation, the minimum supported version of Node.js is v18. Check your Node.js version with node --version.
The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code ...
GitHub

Azure DevOps npm auth

Simply set up user authentication to Azure DevOps npm feeds, optionally using the Azure CLI for Personal Access Token (PAT) acquisition. If you would like to acquire a PAT token manually and supply it ...
The Hacker News

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners. The package in question is eslint-plugin-unicorn-ts ...
heise online

Shai-Hulud 2: New version of NPM worm also attacks low-code platforms

A new worm is infecting NPM packages en masse and stealing credentials. The code of the malware contains the identifier “SHA1HULUD,” which is why security analysts are calling it “Shai-Hulud 2.0.” ...