AI companies keep publishing private API keys to GitHub

"Hugging Face tokens are notorious for allowing access to private AI models," said Berkovich. "The leaked Hugging Face token belonging to an AI 50 company could have exposed access to ~1,000 private ...
The Hacker News

Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...
InfoWorld

Agentic coding with Google Jules

Jules performs better than Gemini CLI despite using the same model, and more like Claude Code and OpenAI Codex.