Blog archive
Older posts, still statically generated and indexed.
CVE-2026-33579 let low-privilege OpenClaw users escalate to admin. If you're below v2026.3.28, patch now and review access.
A leaked Claude Code npm package exposed source code, then shipped trojanized axios versions—showing how fast an AI tool can become supply-chain risk.
Claude Computer Use lets Claude Pro and Max subscribers hand their Mac over to an AI agent that operates the desktop autonomously -- clicking, typing, navigating between apps -- based on plain-language instructions. No c
ClaudeClaw is Claude Code used for automation. OpenClaw is a self-hosted automation platform. The difference is speed versus control.
Cursor 3 (codenamed Glass) launched April 2, 2026 with an agent-first interface. You describe a task in plain language, an AI agent does the work, and it remembers your preferences across sessions. You can also create we
Any authenticated OpenClaw user could escalate to admin during the WebSocket handshake. The fix is in v2026.3.12.
A low-privilege OpenClaw token could rotate itself into a full admin token in one API call. The fix is in v2026.3.11.
Removing a device from OpenClaw did not kill its active session. Affected versions kept the revoked device connected until the WebSocket dropped.
axios npm packages v1.14.1 and v0.30.4, bundled in the Claude Code npm release, were confirmed to contain a Remote Access Trojan (RAT). The compromised versions were live on npm on March 31, 2026 between 00:21 and 03:29
CISA added Langflow CVE-2026-33017 to the KEV catalog, confirming active exploitation and setting an April 8 patch deadline for federal agencies.
OpenAI's Codex now connects to 20+ work apps including Slack, Notion, Gmail, Google Drive, and Figma through a new plugin system. You don't need to write code. You describe what you want done, Codex coordinates across yo
OpenClaw is becoming foundational AI agent infrastructure. OpenAI hired its creator, Meta acquired around the ecosystem, and developer education outlets are now teaching it as a core platform.