The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Live Bitcoin News

npm Worm Steals Crypto Keys, Targets 19 Packages

A self-replicating npm worm dubbed SANDWORM_MODE hits 19+ packages, harvesting private keys, BIP39 mnemonics, wallet files and LLM API keys from dev environments.

Supply chain worm with its own MCP server spreads via GitHub

A new malware is circulating in the npm ecosystem, stealing credentials and CI secrets and spreading autonomously.
Bleeping Computer

GitHub can now auto-block commits containing API keys, auth tokens

GitHub has announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically. Secret scanning is ...
Bleeping Computer

GitHub now can auto-block token and API key leaks for all repos

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories. Today's announcement comes after the company introduced push ...
Hosted on MSN

AI companies keep publishing private API keys to GitHub

Leading AI companies turn out to be no better at keeping secrets than anyone else writing code.… Cloud security firm Wiz has found that 65 percent of the Forbes AI 50 "had leaked verified secrets on ...
Dark Reading

LLM Hijackers Quickly Incorporate DeepSeek API Keys

Sophisticated "LLMjacking" operations have obtained stolen access to DeepSeek models, just weeks after their public release. Most recently, researchers from Sysdig observed hyperactive LLMjacking ...
The Hacker News

How Exposed Endpoints Increase Risk Across LLM Infrastructure

Exposed endpoints quietly expand attack surfaces across LLM infrastructure. Learn why endpoint privilege management is important to AI security.