Alchemy unveiled a system enabling AI agents to autonomously pay for and access blockchain data using USDC on Base, as agent adoption expands across crypto platforms.
Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in OpenClaw that allows any website to silently take full control of a developer's AI ...
Microsoft has announced that the Microsoft Agent Framework has reached Release Candidate status for both .NET and Python. This milestone indicates that the API surface is stable and feature-complete ...
The first of the three flaws involved abusing Claude's Hooks feature to achieve remote code execution. Hooks are user-defined shell commands that execute at various points in the tool's lifecycle, ...
OpenClaw has sparked heavy Telegram and dark web chatter, but Flare's data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills ...
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results