The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.

MultiHopper Opens API for AI Agents Seeking Compliant, Private Onchain Programmable Payment Infrastructure

The first MCP-compatible private programmable onchain routing layer for autonomous agents launches on Solana. Non-custodial, compliance-checked, built for AI. The future of AI-agent commerce cannot ...

Developers can now debug and evaluate AI agents locally with Raindrop's open source tool Workshop

The tool is available for macOS, Linux, and Windows. It can be installed through a one-line shell command that automates binary placement and PATH configuration for bash, zsh, and fish shells.
GitHub

LangChain4j: idiomatic, open-source Java library for building LLM-powered applications on the JVM

LangChain4j began development in early 2023 amid the ChatGPT hype. We noticed a lack of Java counterparts to the numerous Python and JavaScript LLM libraries and frameworks, and we had to fix that!
GitHub

BrandPeng/Langchain1.0-Langgraph1.0-Learning

⚫ 技术栈:Agentic RAG、Agent、LangChain、ChromaDB、SQLite、FastAPI、Vue。 基于LangGrah 1.0的完整多智能体前后端项目。 ⚫ 技术栈 ...

Worrying open-source security issue 'BadHost' could affect millions of AI agents

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.

Anthropic Buys The SDK Pipeline OpenAI And Gemini Depend On

Anthropic acquired Stainless, the SDK compiler behind OpenAI, Gemini and Llama. The deal hands one AI lab structural leverage ...