Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

过去一年，主流 AI Agent 平台几乎都引入了沙箱机制，但模式如出一辙：用容器或微虚拟机封装，套上硬件隔离，然后对外宣称"安全"。资本涌向"军事级隔离"概念的 AI 基础设施公司，工程团队花数月时间对接 ...

Anthropic's new initiative, Project Glasswing, unites a dozen major organizations—including Apple, Google, Microsoft, AWS, ...

4 月 2 日刚开源，两天狂揽 1.9K+ GitHub Star，登顶全球 Trending 榜首用1.1 万行 Python 代码，实现了闭源巨头 51.2 万行代码 98% 的核心工具能力，体积直接压缩 44 倍；完全兼容 Claude ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

All in all, your first RESTful API in Python is about piecing together clear endpoints, matching them with the right HTTP ...

Microsoft has released version 1.0 of its open-source Agent Framework, positioning it as the production-ready evolution of the project introduced in October 2025 by combining Semantic Kernel ...

OpenClaw is AI assistant designed to perform tasks like booking flights, managing emails. The craze, risks to Beijing's tech ...

On the server and on the desktop, these apps helped showcase what Linux can do.

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.