ToolJet raises funding from Microsoft's M12 Fund, GitHub

Open-source low-code developers platform ToolJet has raised funding from M12, the venture arm of Microsoft and cloud-based ...

AI Porting: Claude Rewrites Bun Codebase in Rust

The JavaScript and TypeScript server and bundler Bun will consist of Rust code in the future. Within weeks, Claude Code ...
techtimes

CloakHQ’s Open-Source Chromium Fork Defeats Cloudflare, DataDome, and PerimeterX Without Configuration

A Chromium fork called CloakBrowser, released by New York-based CloakHQ in early 2026, has surpassed 9,200 GitHub stars this week after its latest update added a Windows x64 build and closed what ...
The Caledonian-Record

Hong Kong's Votee AI and Toronto's Beever AI Open-Source Beever Atlas — Turns Telegram, Discord, Mattermost, Microsoft Teams and Slack Chats Into a Living Wiki

Two editions of an open-source LLM Knowledge Base purpose-built for team chat — Open Source (Apache 2.0) for individuals · ...

OpenAI says no user data stolen after supply-chain hackers accessed employee devices

OpenAI said it found no evidence that user data was accessed after a supply-chain attack involving the TanStack npm library.

BrowserAct Open-Sources Two AI-Agent Skills, Giving Agents the Power to Use the Real Web

Then imagine it replying: "Sorry, the website won't let me in." That's the quiet failure mode behind most AI agents today.
CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
Communications of the ACMOpinion

Open Source’s Hidden Language Gap

Open-source i18n is not blocked by goodwill; it’s blocked by missing maintainer-safe infrastructure. Language contributors ...
Morning Overview on MSN

Malicious open-source packages have surged 73% in 2026 as attackers poison the software supply chain

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...