Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
Visual Studio Magazine

Microsoft Ships Production-Ready Agent Framework 1.0 for .NET and Python

Microsoft has released version 1.0 of its open-source Agent Framework, positioning it as the production-ready evolution of the project introduced in October 2025 by combining Semantic Kernel ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...
GitHub

xianyu110/awesome-openclaw-tutorial

Agent生态丰富 扣子 OpenClaw 1800+Skills → 99元/月起 ...
GitHub

GNAP: git-native persistent task coordination for multi-agent handoffs

The new Agents SDK does handoffs really elegantly, but like most agent frameworks the coordination state is ephemeral — restart the process and the task graph is gone. I wanted to share a ...