Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.

Tenable Research has disclosed two critical vulnerabilities in Google Looker, collectively dubbed “LookOut,” that could allow attackers to take full control of vulnerable systems or siphon off ...

A software engineer has created ClawBands in GitHub to put human controls on the popular but risky OpenClaw AI agent. Meanwhile, OpenClaw developer Peter Steinberger is moving to OpenAI to continue ...

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...

Uniswap has published a new GitHub repository with AI-oriented tools that make it easier for developers to integrate autonomous AI agents.

Claude Code adds native worktree support for parallel branches; needs Git init and one commit, clearer task isolation results.

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Security experts have identified three critical vulnerabilities in Anthropic's Claude Code, potentially allowing remote code ...

The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

Claude Code sessions stay readable using /context audits and /compact summaries, so you can keep long tasks on track.