The Hacker News

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be ...

Thousands of fake packages flood npm registry in major attack - here's what we know

Cybersecurity researchers Endor Labs discovered more than 43,000 spam packages which took almost two years to upload in a ...

Nova Launcher just got another update despite being 'dead'

Nova Launcher just received a new update resolving a bug causing crashes. Users are wondering if the project isn't dead after ...
InfoWorld

Agentic coding with Google Jules

Jules performs better than Gemini CLI despite using the same model, and more like Claude Code and OpenAI Codex.
Kansas City Star

Government & Politics

“If you want to bully people, particularly the free press ... there’s a price to pay. And that price is going to be in the millions.” ...