GhostClaw turns GitHub habits into a macOS malware pipeline

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine install habits make running malware feel completely normal.
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Building Apps with Google Antigravity & Firebase, Step by Step

Google Antigravity with Gemini 3.1 pairs with Firebase to easily build apps with sandbox payments, webhook verification and ...

PetClaw AI Launches Autonomous Desktop AI Companion for 24/7 Productivity

New AI Desktop Pet Operates Across Applications, Automates Tasks, and Supports Users with Long-Term Memory PetClaw AI Logo SAN FRANCISCO, March 20, 2026 (GLOBE NEWSWIRE) -- PetClaw AI today announced ...

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour

With Gemini and a simple Python script, I rebuilt YouTube email alerts. Now I won't miss another comment. Here's how you can do the same.
CNX Software

Certified Android devices won’t let user sideload APK app files anymore, or at least it won’t be straightforward

Google won't allow people to (easily) sideload apps through APK files on certified Android devices starting in September 2026. It will still be possible, ...

As OpenClaw enthusiasm grips China, schoolkids and retirees alike raise 'lobsters'

By Laurie Chen and Eduardo Baptista BEIJING, March 19 (Reuters) - Fan Xinquan, a retired electronics worker in Beijing, has recently started raising a "lobster," hoping that the AI agent he has been ...

Cryptographers engage in war of words over RustSec bug reports and subsequent ban

Since February, cryptographer Nadim Kobeissi has been trying to get code fixes applied to Rust cryptography libraries to ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
MacStories

First Look: Hands-On with Claude Code’s New Telegram and Discord Integrations

Late yesterday, Anthropic announced messaging support for Claude Code, allowing users to connect to a Claude Code session ...