Perplexity Open-Sources Bumblebee: A Read-Only Supply-Chain Scanner for Developer Endpoints

Perplexity Bumblebee scans developer machines for risky packages, browser extensions, editor add ons, and AI tool configs.

Zano launched its Lite Wallet Beta on May 22, 2026, giving desktop users on Windows, Mac, and Linux a way to access the privacy-first blockchain without downloading the full chain. Zano Lite Wallet Beta Cuts Node Sync Times, Letting Users Access Privacy Chain Fast Syncing a full node on a privacy-focused blockchain can take hours. […]

Discover how content syndication improves AI search visibility, strengthens LLM citations, and supports long-term discoverability across ChatGPT, Google AI Overviews, and Perplexity. Learn how Outset PR approaches AI-driven PR strategy in Web3

AI agents start every session from zero — no memory of meetings, notes, or decisions. GBrain, the open-source memory layer Y Combinator's Garry Tan built to power his own OpenClaw and Hermes deployments, fixes that with a markdown-first knowledge graph that wires itself through regex inference, not LLM calls. This step-by-step coding tutorial walks through installing GBrain v0.38.2.0, building a brain repo, running hybrid search, and connecting it to Claude Code via MCP — about 20 minutes, all terminal output captured live. The post A Step-by-Step Coding Tutorial to Implement GBrain: The Self-Wiring Memory Layer Built by Y Combinator’s Garry Tan for AI Agents appeared first on MarkTechPost.

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used AntV enterprise data visualization tool. Unlike last week’s high-profile npm attack on TanStack, which exploited a complex GitHub Actions cache poisoning weakness, the latest incident early on May 19 took the more conventional route of compromising the credentials of a high-value npm maintainer account. According to analysis by SafeDep, the account in question, atool (i@hust.cc), which publishes the timeago.js JavaScript library, had rights to a large catalog of packages, including popular tools such as size-sensor (4.2 million downloads per month), echarts-for-react (3.8 million), @antv/scale (2.2 million), and timeago.js (1.15 million). This privilege level allowed the attacker to publish at least 637 malicious versions across 317 different npm packages in a single 22-minute burst. This resulted in the compromise of a big chunk

Mini Shai-Hulud npm campaign compromises @antv packages, targeting blockchain developers’ GitHub tokens, AWS keys, and CI/CD secrets in a coordinated supply chain attack. The malicious publishes started just before 2 a.m. UTC on May 19. By the time most developers on the East Coast had their first coffee, the damage was already done. Socket’s Threat […] The post npm Supply Chain Attack Hits @antv: Blockchain Dev Secrets Now Exposed appeared first on Live Bitcoin News.

You shouldn’t have to leave Cursor to build, deploy, or monitor a production-grade agent. You can wire together LangChain, a vector DB, a monitoring tool, and a deployment pipeline yourself, but you’ll spend more time on that plumbing than on the agent itself. DataRobot is the shortcut. It now lives where you build, integrating directly... The post DataRobot for Developers: Skills, MCP, and the agentic developer surface appeared first on DataRobot.

Anthropic has acquired Stainless, a startup that generates SDKs, command-line tools, and MCP servers from API specifications, in a move analysts say targets the “last mile” of developer experience. Founded in 2022 by former Stripe engineer Alex Rattray, Stainless converts API specifications into production-ready SDKs across languages, including Python, TypeScript, Kotlin, Go, and Java. Stainless does not sell primarily to enterprises, but its tools form part of the software development chain that enterprise teams may rely on. They help generate SDKs, documentation, and MCP servers that developers can use to connect AI models, cloud services, and APIs to business applications. In a statement, Stainless said it will wind down all hosted products, including its SDK generator, as the team shifts focus to Claude Platform capabilities and connecting agents to APIs. Existing customers will retain the right to modify and extend SDKs they have already generated. This could have competitive impl