The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
Bloomberg L.P.

API Library

Supported Releases: These releases have been certified by Bloomberg’s Enterprise Products team for use by Bloomberg customers. Experimental Releases: These releases have not yet been certified for use ...
The Droid Guy

I Spent 24 Hours Benchmarking GPT-5.5 Against Claude Opus 4.7 — Here Is What Actually Happened

Within hours I paused an ongoing Opus 4.7 benchmark, swapped the API keys, and ran the exact same methodology on ...
The New York Times

Libraries and Librarians

The American Library Association and a union of cultural workers filed a lawsuit arguing that cuts ordered by President Trump were illegal. By Jennifer Schuessler The director, Luanne James, was fired ...