Crypto Briefing

Anthropic’s Claude Code leak reveals autonomous agent tools and unreleased models

Anthropic exposed Claude Code source on npm, revealing internal architecture, hidden features, model codenames, and fresh ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Security Boulevard

AI Infrastructure LiteLLM Supply Chain Poisoning Alert

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
Visual Studio Magazine

Getting My OpenClaw Around VS Code

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...
The Malaysian Reserve

CNCF Welcomes 21 New Silver Members As Global Demand Surges for Observability, AI, and Secure Cloud Native Infrastructure

New global members join CNCF reflecting the rise of enterprise demand for scalable, cost-efficient cloud native technologiesAMSTERDAM, March 25, 2026 ...