The Hacker News

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Two Composer flaws (CVE-2026-40176, CVE-2026-40261) allow command execution via Perforce configurations, prompting urgent updates.
InfoWorld

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

DaVinci Resolve 21 Adds Photo Editing and AI Search Tools

Blackmagic Design has announced a major update to its professional video editing and color correction software, DaVinci ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
TMCnet

Blackmagic Design Announces DaVinci Resolve 21

NAB 2026 - Blackmagic Design today announced DaVinci Resolve 21, a significant update introducing the new Photo page, which ...

PDF Association Releases FAQ to Address Misconceptions on the Role of PDF Content in Training and Grounding AI Systems

The new resource clarifies why PDF is a superior source for AI data mining due to its high information density and rich ...
XDA Developers on MSN

I stopped jumping between monitoring dashboards with one Claude Code command

Automation that actually understands your homelab.

Hackers use pixel-large SVG trick to hide credit card stealer

A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
InfoWorld

Spring AI tutorial: How to develop AI agents with Spring

Build your first fully functional, Java-based AI agent using familiar Spring conventions and built-in tools from Spring AI.

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...