Supply chain attacks feel like they're becoming more and more common.

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Seriously? Astral's tools aren't even AI-focused, and now they're tied to a company that's losing money hand over fist? Click to expand... I'm guessing that a fair amount of stuff around AI (be it ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

如果你是一名 Python 开发者，对 pip install命令肯定很熟悉——这是最常用的套件安装指令，可用来从 PyPI 或其它来源安装、升级与管理套件。 但就在 3 月 24 ...

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...

For years, facility digitisation has relied on a single, expensive robot slowly traversing every corridor of a warehouse, laboratory ...

写在最前面，2月28日通义实验室AgentScope团队发布了自研的独立部署开源桌面Agent工具：CoPawhttps://copaw.agentscope.io/CoPaw是整体架构上类似openclaw的工具，用的agentscope框架搭建， ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

然而，当上手训练 SWE Agent 时，却发现事情并不简单。当前 SWE Agent 的训练都是通过容器（Docker 或 Podman）来实现运行环境的隔离和复现。但是，容器的高昂开销却把很多从业者拒之门外。

过去十年间，Kubernetes已经演变为现代IT基础设施的核心平台之一。它通过可扩展的架构与声明式的资源定义模型，让企业能够管理大规模、高度分布式的容器化负载，并能够自动化各类运维任务。

在人工智能编程的浪潮中，软件工程智能体（SWE Agent）成为了众多开发者和研究者关注的焦点。如何有效且低成本地训练这些智能体，成为了一个亟待解决的问题。最近，北京大学的研究团队推出了SWE-MiniSandbox，这一全新的开源框架为没有容器资源的开发者提供了一个极具吸引力的解决方案。 无容器训练的革命性突破 SWE-MiniSandbox的核心创新在于其无需依赖传统的容器技术（如Docker ...