The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm ...

When Claude changed, everything changed: Managing AI blast radius in production

We built it on Claude Sonnet 3.5 in early 2025. We upgraded to 3.7 without incident, and to 4.0 without incident. By the time ...

I had ChatGPT build me a free PDF editor because I didn't trust it to change my files - it worked!

The smartest way to use AI may not be letting it touch your files, but asking it to write software that handles them safely - ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
InfoWorld

Taming the generative AI back end

Writing code that interacts with LLM services requires bridging two different worlds. Use these tips and techniques to bind ...
Searchenginejournal.com

Security Researcher: WordPress 7.0 Could Trigger Rush To Steal AI API Keys

Oliver Sild, founder of Patchstack WordPress security company, shared concerns about the security of AI API keys in WordPress 7.0, sharing that there “will be an absolute rush by hackers to steal API ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Los Angeles Times

The nation’s students are deep in a reading recession. Here’s how L.A. and California fit in

This is read by an automated voice. Please report any issues or inconsistencies here. The nation’s students face a deepening reading crisis, with most states showing minimal progress in recent years, ...
Business Insider

Kevin O'Leary defends his Utah data center project: 'Think about the number of jobs'

Many Americans don't like the AI data centers popping up in their communities, though Kevin O'Leary thinks that's because they don't fully understand them. O'Leary, the venture capitalist and "Shark ...
Education Week

How the Science of Reading Is Reshaping Teaching: What the Data Say

The “science of reading” movement has brought sweeping changes to the curriculum teachers use in the classroom and the professional development they take—but educators still voice substantial ...
techtimes

API Key Leak Exposes AWS, Stripe, OpenAI Credentials Across Thousands of Sites

A large-scale cybersecurity study has revealed a serious global web security issue involving exposed API credentials tied to major platforms, including Amazon Web Services, Stripe, and OpenAI. After ...
InfoQ

Vercel Releases JSON-Render: a Generative UI Framework for AI-Driven Interface Composition

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...