The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
Arabian Post

LeRobot flaw exposes robotics AI servers

Hugging Face’s LeRobot robotics framework is facing scrutiny after disclosure of a critical remote code execution ...