A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Instead of requiring users to provision their own hardware or Virtual Private Servers (VPS), KiloClaw runs on a multi-tenant Virtual Machine (VM) architecture powered by Fly.io ...
Diesel Vortex, a Russia-linked cybercrime group, stole 1,600+ logistics credentials in a phishing campaign targeting US and EU freight platforms.
When Tomahawk shut down in 2016, it was powered by a team of six. A decade later, developer J Herskowitz has vibe-coded it ...
Anthropic has launched Claude Code Security, an AI vulnerability scanner that found 500+ undetected bugs, plus desktop automation and GitHub PR auto-merge.
Open source doesn’t guarantee responsible AI. But it increasingly makes responsible evaluation possible for smaller organizations.
Enkrypt AI introduces open-source protection for the AI development supply chain, securing coding assistant Skills ...
Bob van Luijt, Co-Founder and CEO of Weaviate—which he launched as an open-source vector search engine in March 2019—shared ...
The most advanced analytics platform for open-source AI. Track daily metrics on stars, forks, and commits to validate ...
Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.
Developers Can Now Search, Analyze, and Secure PHP Dependencies with AI-Powered Supply Chain Protection It would be ...
The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results