TeamPCP compromises NPM maintainer with over 540 packages
A threat actor tracked as TeamPCP has compromised two npm maintainer accounts — including the one behind the AntV data-visualization suite — republishing 324 packages with over 16 million combined weekly downloads.
Google's Guide to Optimizing for Generative AI Features on Google Search | Google Search Central | Documentation | Google for Developers
Learn how to optimize your website for Google Search's generative AI features, including official best practices, technical SEO advice, and emerging AI agent guidance.
🚨 We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. (1/6)
AI Discovers CVE-2026-46333 Linux Kernel Vulnerability
AI-powered code analysis uncovers fourth critical Linux kernel flaw in May 2026. CVE-2026-46333 targets ptrace. Get mitigation steps and patch info here.
Fleet-Scale Kubernetes: An Operating Model for Homogeneous Clusters with Decoupled Capacity
Kubernetes was designed for a single cluster. As organisations scale to fleets of tens, hundreds, or thousands of clusters, the operational model hasn't kept up. This paper proposes one that does.
Digital Safety for Activists: 40+ Tools, Threats & OPSEC Guide
Read our essential guide to digital safety for activists and discover practical tools, guides, and other resources to help you protect yourself and your organization.
Why I'm leaving GitHub for Forgejo | Jorijn Schrijvershof
I left GitHub for self-hosted Forgejo on a hardened NUC. The reason is digital sovereignty, not reliability outages. Here's the thinking and the architecture.
00:00 Intro00:58 Interview process04:16 Starting at Atlassian04:35 Building an Open Service Broker07:43 Diagram of OSB architecture09:56 Picking a proxy tech...
Exclusive: Meta employees protest against mouse tracking tech at US offices
Meta employees distributed flyers at multiple U.S. offices on Tuesday to protest against the company's recent installation of mouse-tracking software on their computers, according to photos of the pamphlets seen by Reuters.
Anthropic reinstates OpenClaw and third-party agent usage on Claude subscriptions — with a catch
If an agent is inefficient and burns through tokens, it simply drains the user's new $20 to $200 Agent SDK credit budget faster, rather than exceeding the value of Anthropic's fixed monthly subscription tiers.
NGINX Rift: Achieving NGINX Remote Code Execution via an 18-Year-Old Vulnerability | depthfirst
We used the depthfirst system to analyze the NGINX source code, and it autonomously discovered 4 remote memory corruption issues, including a critical heap buffer overflow introduced in 2008. We further investigated the exploitability of the issues, and developed a working proof of concept demonstrating RCE with ASLR off. If you use rewrite and set directives in your NGINX configuration, you're at risk.
Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
Following last week's disclosure of the Dirty Frag vulnerability for the Linux kernel, which only finished being patched up in mainline on Monday, Fragnesia is now public as a similar local privilege escalation (LPE) vulnerability.
Amusing Numerology: How Base-5 Domain Numbers Reveal a Single Hidden Campaign
Discover how analyzing numeric patterns in domain names—specifically a rare base-5 encoding—reveals hidden links between seemingly separate clusters and exposes a single coordinated campaign.
Red Hat agentic skills - Red Hat Ecosystem Catalog
Raw MCP tools provide the connection, but Red Hat Agentic Skills provide the expertise. Move beyond manual tool-calling with a curated collection that embeds reliability, safety, and Red Hat best practices into every AI interaction.