Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
GitHub

Easily Add a PWA Installation Popup with Just One Script!

pwa-install-prompt is a script that provides a user-friendly modal for installing Progressive Web Apps (PWAs). When the URL contains the hash #wepp-install-modal, the installation modal appears. For ...
GitHub

ML4W Dotfiles for Hyprland

An advanced configuration of Hyprland for Arch Linux based distributions. This package includes an installation script to install and set up the required components ...