InfoWorld

Open source maintainers are being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Pocket Tactics

Flashpoint codes February 2026

February 14, 2026: We added a new ⚡ Flashpoint code to celebrate Valentine's Day. The latest codes offer a number of suits to pick from! To be honest, Flashpoint codes are essential if you want to ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
Nature

How AI slop is causing a crisis in computer science

Large language models (LLMs) can suggest hypotheses, write code and draft papers, and AI agents are automating parts of the research process. Although this can accelerate science, it also makes it ...
The Hacker News

npm’s Update to Harden Their Supply Chain, and Points to Consider

First, people need to remember that the original attack on tools like ChalkJS was a successful MFA phishing attempt on npm’s ...