ClawHub Skills 暴露 AI Agents 面临远程控制后门与数据窃取攻击风险

现代AI Agents已超越简单的问答功能,能够代表用户执行操作、管理文件及运行代码。这种能力跃迁同时开启了危险的新攻击维度——针对ClawHub市场的恶意skills已暴露出AI Agent生态系统的严重脆弱性。作为2026年增长最快的开源AI Agent平台OpenClaw的官方技能市场,ClawHub的skills数量从1月的不足2000个激增至4月的5万余个,这种爆炸式增长在吸引数百万用户 ...
51CTO

Google 上周推了个 agents-cli,我装完发现 Claude Code 多了七个超能力

如果你是 Claude Code 的日常用户,又对 AI Agent 开发感兴趣——装。 adk-code + scaffold + eval 这三个 Skill 组合起来,能把你的 Claude Code 从「写代码的助手」变成「帮你搭 Agent 系统的搭档」。 上周我刷 GitHub Trending 的时候,看到一个仓库两天 ...
Elektor Magazine

Raspberry Pi zero to boot by choice

This project introduces a simple GPIO button-based boot selector that lets you choose between a timelapse camera and a ...
Elektor Magazine

Time lapse timed photography on Raspberry Pi_Zero Ver-2

Lapse… so does this $25 Raspberry Pi Zero! Tiny, lightweight, and incredibly versatile. Mount it anywhere—from rooftops to ...
itechhacks

How to Start Jupyter Notebook From Command Line (Windows, Mac & Linux)

Jupyter Notebook is a tool to run and write Python code easily, showing results right away, and allowing you to combine code, charts, notes, and files in one place ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.