How I stopped a massive WordPress spam attack with 4,700 lines of code in two days - thanks to Codex and Claude ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.