Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

I found 7 unique Windows apps that run AI tasks locally using an NPU

Have an AI PC with an NPU, but have no idea how to make the most of it? You might want to start with one of these 7 great ...
The Hacker News

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

LiteLLM 1.82.7–1.82.8 supply chain attack exposed 33,185 secrets across 6,943 machines, leaving 3,760 valid credentials ...

OpenClaw gives users yet another reason to be freaked out about security

Once the access is given, OpenClaw is designed to act precisely as the user would, with the same broad permissions and ...