Cryptopolitan

Crypto wallets targeted in SAP-linked npm supply-chain attack

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
GOLF.com

NBC’s Chevron Championship coverage will have a new lead voice

Cara Banks is no stranger to narrating golf’s biggest moments. If a play-by-play broadcaster is the captain of the golf TV broadcast during the final moments of a tournament, then the interviewer is ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A researcher has disclosed the details of a prompt injection attack method named ‘Comment and Control’, which has been found to work against several popular AI code security and automation tools. The ...
GitHub

litellm-pypi-supply-chain-attack.md

summary On March 24, 2026, LiteLLM versions 1.82.7 and 1.82.8 on PyPI were backdoored by TeamPCP using stolen CI/CD credentials. The malware harvested SSH keys, cloud credentials, API keys, and crypto ...
GitHub

Claude Code Skills & Plugins — Agent Skills for Every Coding Tool

235 production-ready Claude Code skills, plugins, and agent skills for 12 AI coding tools. The most comprehensive open-source library of Claude Code skills and agent plugins — also works with OpenAI ...