Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

The most comprehensive toolkit for Claude Code -- 135 agents, 35 curated skills (+15,000 via SkillKit), 42 commands, 121 plugins, 19 hooks, 15 rules, 7 templates, 6 MCP configs ...

One hundred twenty-one production-ready plugins that extend Claude Code with domain-specific capabilities.
GitHub

Claude Code Skills & Agents Factory

claude-code-skills-factory/ ├── README.md # This file ├── CLAUDE.md # Repository guidance ├── AGENTS.md # Codex CLI documentation (auto-generated) ├── CHANGELOG.md # Version history ├── .claude/ │ ├── ...