The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

4K unintended installs in very odd supply chain attack Someone compromised open source AI coding assistant Cline CLI's npm package earlier this week in an odd supply chain attack that secretly ...

While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.

ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...

The House has approved a more than $1 trillion spending package that brings to an end the partial government shutdown. The legislation passed by a vote of 217 to 214, with 21 Democrats joining ...

Copyright 2026 The Associated Press. All Rights Reserved. Copyright 2026 The Associated Press. All Rights Reserved. A debate over funding for the Department of ...

WASHINGTON (NewsNation) — The House narrowly passed a funding package to end a partial government shutdown, with a 217-214 vote. The measure will end the partial government shutdown that began ...

Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. On January 26, ...

Ukraine’s cyber defenders warn Russian hackers weaponized a Microsoft zero-day within 24 hours of public disclosure, targeting government agencies with malicious documents delivering Covenant ...

Malicious open source software packages have become a critical problem threatening the software supply chain. That’s one of the major takeaways of a new report titled “State of the Software Supply ...

Security researchers have warned that the open source ecosystem has become a “structural risk,” after revealing another surge in malicious packages last year. Sonatype said in its 2026 State of the ...