Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
This AI research tool saved me hours organizing technical notes, but it has one fatal flaw at scale.