Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate ...

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and ...

Boris Cherny, the creator and Head of Claude Code at Anthropic, has confirmed that there was a leak of the company’s internal ...

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

The Road to the Kentucky Derby is getting closer to Derby 152, and the latest TwinSpires offer code CBSSPORTS is available for Saturday's big Derby prep races. The Road to the Kentucky Derby continues ...

Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, ...

Everything you may have missed from the past week.