North Korean hackers used an updated version of a known backdoor to target a popular npm package.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...

后台有个服务叫 autoDream。触发条件：距上次 Dream 超过 24 小时 + 至少 5 个新 session + 获取排他锁。触发后执行四个阶段：感知、采集、整合、修剪。这个 Dream 子 Agent 只有只读权限。

近日，智谱（02513.HK）宣布推出一款名为GLM-5V-Turbo的多模态Coding基座模型，该模型专为视觉编程领域设计，旨在突破传统编程对纯文本输入的依赖。通过深度融合视觉与文本处理能力，GLM-5V-Turbo实现了从设计稿、截图到网页界面的多模态理解，能够直接将这些视觉元素转化为可运行的代码。

Gaming firms prioritise senior tech talent as AI shifts hiring toward skills-based recruitment models globally and in SA.

开发者广泛使用的Axios HTTP客户端库这一Java组件最近遭到黑客攻击，通过被入侵的账户分发恶意软件。

A：目前1180万个开源程序中有700万个只有单一维护者，即使是每月下载量超过百万次的热门NPM包中，约有一半也只由一个人维护。这意味着成千上万重要程序可能因维护者的意外而失去维护。