Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.

Tenable Research investigated a malicious package in the npm public registry named “amber-src” that underscores the rapid nature of modern supply chain attacks. The package, which was downloaded ...

The Clawdbot AI Assistant Now Has More GitHub Stars Than React. OpenClawd Wants to Make Sure You Can Actually Run It. NEW ...

Here’s how to be sure you have the latest HomePod software update. Or stop your smart speaker from updating automatically. The HomePod operating system occasionally needs updating, because the device ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

4K unintended installs in very odd supply chain attack Someone compromised open source AI coding assistant Cline CLI's npm package earlier this week in an odd supply chain attack that secretly ...

Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to ...

Windows 11 version 26H1 launches exclusively on ARM-based Snapdragon X2 devices in 2026. Version 26H1 is not an in-place update and skips broad enterprise distribution channels. Windows 11 26H1 uses a ...

Microsoft’s Windows 11 Insider Preview Build 26220.7961 for 25H2 fixes File Explorer flashes, adds voice typing for renaming, and restores Administrator Protection.

Version 2.7 of the runtime for JavaScript and TypeScript stabilizes the Temporal API, introduces npm overrides, and ...

Windows 11’s February 2026 Insider build brings a fresh round of new features and several changes—some small quality‑of‑life tweaks, some more noticeable additions, all part of Microsoft’s steady ...