Google’s best new AI feature is just a really good to-do list

Google unleashed a torrent of Gemini updates last week, but this daily summary of to-dos is the only one I’m still using.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...