A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

JetBrains预览了用于智能代理软件开发的Central平台，但将停用Code With Me人工配对编程功能。Central是一个智能代理软件开发系统，包含治理、运行代理的云基础设施以及跨存储库和项目的共享上下文。该平台将在今年第二季度开放早期访问。调查显示90%的开发者已使用AI，22%使用AI编程代理。公司面临传统IDE业务威胁，需要在AI发展与保持核心客户之间找到平衡。

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

Dev tooling biz JetBrains has previewed Central for agentic AI software development but will retire the Code With Me human ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Mozilla正在开发开源项目cq，旨在为AI代理提供发现和分享集体知识的平台。该项目解决了代理重复遇到相同问题、造成不必要工作和token消耗的痛点。cq采用三层知识架构：本地、组织和全球公共层，知识单元从低置信度开始，随着其他代理或人类确认而提升可信度。项目面临内容投毒和提示注入等安全挑战，Mozilla计划通过异常检测、多样性要求和人工验证等机制应对。

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...