🦔 Researchers at Aikido Security found 151 malicious packages uploaded to GitHub between March 3 and March 9. The packages use Unicode characters that are invisible to humans but execute as code when run. Manual code reviews and static analysis tools see only whitespace or blank lines. The surrounding code looks legitimate, with realistic documentation tweaks, version bumps, and bug fixes. Researchers suspect the attackers are using LLMs to generate convincing packages at scale. Similar packages have been found on NPM and the VS Code marketplace.
My Take
Supply chain attacks on code repositories aren't new, but this technique is nasty. The malicious payload is encoded in Unicode characters that don't render in any editor, terminal, or review interface. You can stare at the code all day and see nothing. A small decoder extracts the hidden bytes at runtime and passes them to eval(). Unless you're specifically looking for invisible Unicode ranges, you won't catch it.
The researchers think AI is writing these packages because 151 bespoke code changes across different projects in a week isn't something a human team could do manually. If that's right, we're watching AI-generated attacks hit AI-assisted development workflows. The vibe coders pulling packages without reading them are the target, and there are a lot of them. The best defense is still carefully inspecting dependencies before adding them, but that's exactly the step people skip when they're moving fast. I don't really know how any of this gets better. The attackers are scaling faster than the defenses.
Hedgie🤗
arstechnica.com/security/2026/…
We recently got a lot of New Info about #DyingLightTheBeast during and after the Summer Game Fest event.
So we got info about BTZ gamemode, Dynamic Weathers, Animations, Upcoming content & More.
Watch this video to learn everything: youtu.be/6-L41nmijWM
I found a way to stuff up to ~3MB of data inside a PNG file on twitter. This is even better than my previous JPEG ICC technique, since the inserted data is contiguous.
The source code is available in the ZIP/PNG file attached:
Just woke up from oral surgery and can't say this enough. - Thank you to everyone that has stuck by my side though my journey. It's been a hell of a ride so far and only keeps getting better!
I got a wonderful job, and even my home/hobby life - couldn't be better! We got some projects for the public soon! I'm grateful for the people and other developers that reached out to me and are teaming up with some of the best people I know! - even some of my idols!
Stay tuned! 💪
Little late on this, but...
Thanks again @Hak5 for the shout-out! Will have some crazy new methods coming for the community soon!
#hak5#SharkJack#cybersecurity
(EDIT: Yes I'm aware they messed up the payload description. - Nobody is perfect.)
Original Link:
instagram.com/p/DIect3gSEix/…
Wow! I'm absolutely amazed on how fast things change.. Earlier in the month I had to deal with a housing situation, was looking at spending crazy amounts of money again. - But just as quickly as things got worse, they got better!
NOW I don't pay ANYTHING for rent and have developed some of the coolest and most complete projects in along time!
To all the suckers paying for Rebrandly (a URL Shortening Service) why pay - when you can just do it yourself. From Docker to CloudFlare in one script. (Install Script will be available soon!)
Note - This plugin is available on my GitHub!
More to come! Stay tuned!