Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.

Following up on Cloudflare's acquisition of Replicate, Cloudflare is expanding its model catalog to allow developers ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Microsoft has released version 1.0 of its open-source Agent Framework, positioning it as the production-ready evolution of the project introduced in October 2025 by combining Semantic Kernel ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

“The repo named in the notice was part of a fork network connected to our own public Claude Code repo, so the takedown reached more repositories than intended,” an Anthropic spokesperson told ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship terminal-based AI coding agent) through a 59.8 MB JavaScript source map (.map) file ...

Anthropic is trying to remove details about its coding agent from GitHub, but programmers are converting the code into different scripting languages to evade the takedowns.

Anthropic leaked 512,000 lines of Claude Code source via npm, its second security lapse in days as the $350B startup eyes a Q4 IPO.

A new “semi-formal reasoning” approach forces AI models to trace code paths and justify conclusions, improving accuracy while reducing reliance on costly execution environments.