Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
GitHub

MatrixSeven/file-transfer-go

MatrixSeven / file-transfer-go Public Notifications You must be signed in to change notification settings Fork 581 Star 4.6k ...

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to ...
GitHub

Transform Claude Code transcript JSONL files into readable terminal and HTML formats.

Claude Notes is a command-line tool that converts Claude Code conversation transcripts (stored as JSONL files) into human-readable formats. It supports both terminal output with rich formatting and ...
CoinTelegraph

Vulnerability found in Babylon genesis chain could slow block production

A newly discovered vulnerability may enable malicious validators to omit the hash field when posting blocks, leading to validator crashes and slowing block production. Update Jan. 12, 7:15 am UTC: ...
PC Magazine

FBI Warns About North Korean Hackers Adding Malicious QR Codes to Emails

The FBI is warning that a state-sponsored North Korean hacking group has been using malicious QR codes to help them spy on select users. A group known as Kimsuky has been sending the malicious QR ...
financefeeds

Vulnerability in Babylon Staking Code Could Disrupt Block Production

A serious bug in the Babylon Bitcoin staking protocol has raised significant security concerns in the cryptocurrency world. Developers say this flaw lets malicious validators interfere with core ...