Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE ...

Moonwell’s $1.78 million oracle mispricing exploit is reigniting debate over “vibe-coded” smart contracts and how AI tools like Claude Opus 4.6 should be governed in DeFi development.

ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...

SAVANNAH, Ga. (WSAV) — UPDATE: According to the Savannah Police Department (SPD), the suspicious package has been removed from the scene and was placed in a special container. It was placed in a ...

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...

MeridianAlgo is a professional-grade, high-performance quantitative finance framework for JavaScript and TypeScript. It provides institutional-quality tools for algorithmic trading, backtesting, risk ...

President Trump on Tuesday signed a five-bill minibus and two-week continuing resolution to fund the Department of Homeland Security (DHS) into law, ending the partial government shutdown. Twenty-one ...

WASHINGTON (NewsNation) — The House narrowly passed a funding package to end a partial government shutdown, with a 217-214 vote. The measure will end the partial government shutdown that began ...

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Despite more than a month after ...