The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

IO Biotech, Inc., a clinical-stage biopharmaceutical company, develops immune-modulating therapeutic cancer vaccines based on the T-win technology platform. The company’s lead therapeutic cancer ...

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

Images are the Largest Contentful Paint element on 85% of desktop pages and 76% of mobile pages, according to the 2025 HTTP ...

Apollo reports that effective digital marketing accelerates B2B growth by understanding buyers, nurturing leads, and ...

一、引言：Anthropic Agent Skills的发展史起源：时间拨回2025年10月16日，Anthropic在 Claude 3.7 Sonnet / Opus 中正式推出 Claude Skills ...

2026 年 3 月 31 日凌晨，安全研究员 Chaofan Shou 在检查 npm 包时发现了一件奇怪的事。Anthropic 刚刚发布的 Claude Code 2.1.88 版本里，多了一个约 60MB 的 `.js.map` ...

但泄露出去的代码也证明了Claude ...