Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
DataBreachToday

OpenAI's Coding Agent Flaw Exposed GitHub Passwords

Security researchers at BeyondTrust Phantom Labs discovered a critical flaw in OpenAI's Codex coding agent that allowed an ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
TechBooky

GitHub Expands AI Security Detections Across More Languages

GitHub is adding AI-powered security detections to its Code Security offering, aiming to catch more vulnerabilities across a ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
WinBuzzer

GhostClaw Fake OpenClaw Installer Steals macOS Dev Credentials

JFrog has uncovered GhostClaw, a fake OpenClaw npm package that stole Keychain passwords, cloud credentials, and crypto ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.
TechCrunch

Anthropic launches code review tool to check flood of AI-generated code

When it comes to coding, peer feedback is crucial for catching bugs early, maintaining consistency across a codebase, and improving overall software quality. The rise of “vibe coding” — using AI tools ...
The Verge

How Claude Code Claude Codes

On The Vergecast: How vibe coding took off, how carefully you should guard your email, and how soon you should upgrade your phone. On The Vergecast: How vibe coding took off, how carefully you should ...
Wired

Code Metal Raises $125 Million to Rewrite the Defense Industry’s Code With AI

Code Metal, a Boston-based startup that uses AI to write code and translate it into other programming languages, just closed a $125 million Series B funding round from new and existing investors. The ...
komonews

New Seattle code aligns with Keep Washington Working, limiting data used in ICE actions

SEATTLE — The Seattle City Council voted 8-0 on Tuesday to approve a bill aimed at limiting the sharing of personal information for federal civil immigration enforcement (ICE). ALSO SEE | King County ...