GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Lobster buffet: China’s tech firms feast on OpenClaw as companies race to deploy AI agents

China-based usage of OpenClaw has already topped that of the U.S., while driving demand for Chinese lower-cost AI models.
InfoQ

DoorDash Builds DashCLIP to Align Images, Text, and Queries for Semantic Search Using 32M Labels

DoorDash has launched a multimodal machine learning system that aligns product images, text, and user queries in a shared ...