Google Glass Almanac

How North Korean hackers are exploiting blockchain to target crypto users

What makes this campaign so striking is not just the malware, but where it is being stored. By shifting malicious code into ...
GitHub

A lightweight API server to get npm package metadata, resolve the latest versions on server, and batch multiple package resolutions in one request.

NPM registry's API is fairly old and not very efficient. For example, requesting https://registry.npmjs.org/vite will make you download 4.38 MB of data, which ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Anthropic Tool Calling Updates Cut Tokens 30–50% in Multi-Step Agent Tasks

Anthropic updates tool calling to reduce token use; tool search cuts tokens up to 80%, making larger tool sets practical.
GitHub

JavaScript captcha solver (Node.js): Bypass reCAPTCHA, Cloudflare, GeeTest and more

Use the JavaScript captcha solver to automatically bypass any captcha - including reCAPTCHA v2, Invisible, v3, Enterprise, Cloudflare Turnstile, GeeTest sliders, Amazon WAF, FunCaptcha, and both image ...