The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Tech Times

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
fintechnews

Fingerprint Launches AI Assistant Detection Preview for Real-Time Traffic ID

Fingerprint has released the preview version of its AI Assistant Detection and Automation Intelligence API, delivering an AI traffic identification layer designed to detect automated systems in real ...