Supply chain attacks feel like they're becoming more and more common.

今天，《人物》杂志发表了一篇报道： 文章中提到，Kimi 这群人，很会起名字，起名字的时候很有品味。 在 2025 年的 9 月，公司内部启动了一个小项目，名为「Ensoul」（赋予灵魂）。 根据 APPSO 了解，Ensoul ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

I’ve used plenty, but this one rewired my daily workflow.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

OpenAI announced they are extending the Responses API to make it easier for developer to build agentic workflows, adding ...

专注AIGC领域的专业社区，关注微软&OpenAI、百度文心一言、讯飞星火等大语言模型（LLM）的发展和应用落地，聚焦LLM的市场研究和AIGC开发者生态，欢迎关注！AI ...