During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Gesture control robotics replaces traditional buttons and joysticks with natural hand movements. This approach improves user ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Claude Cowork saved me countless hours renaming hundreds of old pictures.

OpenAI has launched the Codex app for Windows, a desktop tool that lets developers run multiple AI coding agents, automate ...

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...