The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
InfoWorld

Google’s Gemma 4 shines on local systems – both big and small

We tried out Google’s new family of multi-modal models with variants compact enough to work on local devices. They work well.

The best movies on Amazon Prime Video (April 2026)

The best movies on Amazon Prime Video this month include Crime 101, Pretty Lethal, The Menu, Super 8, The Great Escape, ...

The 50 best movies on HBO Max for dedicated cinephiles

Almost 100 years of cinema are represented on this list: starting with City Lights (1931) and extending all the way to 2026 ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
eWeek

Anthropic Debuts ‘Repeatable Routines’ in Major Claude Code Automation Update

Anthropic introduces “repeatable routines” in Claude Code, bringing AI-powered automation and a redesigned workspace to ...

OpenAI's Codex Desktop can run your computer now - and has its own browser

From coding tool to productivity powerhouse, Codex Desktop adds computer control, automation memory, and plugin support. But ...