The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
GitHub

DonkRonk17/Quick-Env-Switcher

Instantly switch between project environments with a single command. Stop wasting time manually activating virtual environments, changing directories, and setting environment variables! Quick ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

Axios遭供应链投毒攻击(附排查与紧急补救指南)

事件概述2026 年 3 月 31 日,著名云安全平台 StepSecurity 监测到,在 JavaScript 生态系统中最受欢迎的 HTTP 客户端库 Axios(每周下载量超 3 亿次)遭遇了严重的供应链攻击。攻击者劫持了 Axios 核心维护者(jasonsaayman)的 npm 账户,并在 npm 官方仓库发布了两个被污染的恶意版本:[email protected][email protected] ...
GitHub

LinkedIn Automatic Add and Connect

This project is a Python/Selenium automation tool that reads leads from Google Sheets, opens LinkedIn profiles, sends connection requests or messages, and writes the result back to the sheet. Warning: ...
知乎专栏 on MSN

Claude code 如何调用skills

前段时间cc的源代码泄漏了,本地赶紧存了一份,然后让opus帮我分析了一下skills部分具体是怎么调用的,天啊,上苍的恩赐,这份源代码可以帮助解决好多问题。 模拟场景:写一条规范的 commit(全程调用过程) 假设你已经安装了一个名叫 commit 的技能,会话里也启用了 Skill 工具。下面用 Opus ...