The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

写在最前面，2月28日通义实验室AgentScope团队发布了自研的独立部署开源桌面Agent工具：CoPawhttps://copaw.agentscope.io/CoPaw是整体架构上类似openclaw的工具，用的agentscope框架搭建， ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

报告日期：2026-02-28 关键词： Agent Skills, MCP, OpenClaw, A2A, Agentic AI, 模块化架构一、谁提出了从 Agent 到 Skills 的转变？1.1 起源：Anthropic ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

Your old laptop is about to outwork that overpriced NAS box ...

RefTool brings reference camera controls into one Maya UI, with free and paid versions plus JSON export for reusable setups.

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...

Blender Live Link connects Blender and Unreal for one-click sending and live sync, plus material baking and UV handling.