CSOonline

Compromised npm package silently installs OpenClaw on developer machines

A new security bypass has users installing AI agent OpenClaw — whether they intended to or not. Researchers have discovered that a compromised npm publish token pushed an update for the widely-used ...
The Herald-Times

Ring Programming Language Expands with Major Package Contributions from Developer Youssef Saeed

Youssef’s contributions, creativity, and technical excellence have enriched the entire community. These packages open new doors for developers and showcase what is possible when passion meets purpose.
GitHub

Difficulty debugging MXE package variables inside .mk files

I’m exploring MXE and trying to understand the flow of package builds better. As part of my workflow, I like to trace the values of key variables (like $(PKG), $ (TARGET), $(SOURCE_DIR), $ (BUILD_DIR) ...
The Hacker News

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that's functional on ...
The Hacker News

Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems

In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI ...
GitHub

LeonSGP43/Claude-code-ChatUI

⚠️ Important Version Notice (Updated 2025.11.05): Claude Code official has released v2.0.33, which can be directly installed using methods compatible with v1.0.48. We recommend using v2.0.33 with ...