The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

Most organizations can see their software security risks. Far fewer can act on them fast enough to matter – and with the EU ...

This week in cybersecurity: 338 new CVEs published including 11 critical severity. 9 vulnerabilities added to CISA KEV catalog. Plus major developments in AI security, supply chain attacks, and ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, impacting multiple OS.

Anthropic brings Claude into Microsoft Word, enabling in-document AI edits, comment-based updates, and cross-app workflows in ...

Library Manager lands in dy Install Libs with one-click library install, enable, and disable for Houdini packages.

一、引言：Anthropic Agent Skills的发展史起源：时间拨回2025年10月16日，Anthropic在 Claude 3.7 Sonnet / Opus 中正式推出 Claude Skills 功能。定位解决通用大模型在垂直场景中“知道但不会做”的问题，提升任务执行的可靠性与一致性。刚一推出，在开发者社区获得高度评价。标准：再到2025年12月18日，Anthropic 联合多.

Samsung is sunsetting its own chat app while Apple adds end-to-end encryption to its already-live RCS, hinting that the final texting firewall might soon drop. Meanwhile, Cloudflare drafts a ...

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.