The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Anthropic Tool Calling Updates Cut Tokens 30–50% in Multi-Step Agent Tasks

Anthropic updates tool calling to reduce token use; tool search cuts tokens up to 80%, making larger tool sets practical.
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
The Hacker News

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack automation.
GitHub

aashishvanand/airport-data-js

A comprehensive JavaScript library for retrieving airport information by IATA codes, ICAO codes, and various other criteria. This library provides easy access to a large dataset of airports worldwide ...
NBC News

Investigators wrangled video from Nancy Guthrie’s Google Nest camera out of ‘backend systems’

Shortly after Nancy Guthrie disappeared, Pima County, Arizona, Sheriff Chris Nanos said that a camera affixed to her door had been disconnected, that she did not have a subscription that would have ...
The Verge

Why ‘deleted’ doesn’t mean gone: How police recovered Nancy Guthrie’s Nest Doorbell footage

Investigators pulled video from ‘residual data’ in Google’s systems — here’s how that was possible and what it means for your privacy. Investigators pulled video from ‘residual data’ in Google’s ...
GitHub

fityannugroho/idn-area-data

Import the package into your project as shown below.