Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Cryptopolitan on MSN

Cordyceps flaws let anyone with a free GitHub account hijack CI/CD pipelines at Microsoft, Google, and Apache

Security firm Novee has revealed Cordyceps as a class of exploitable CI/CD vulnerabilities across open-source repositories ...

Treno Scope Launches “Data for All” Initiative, Empowering Developers in Vietnam and Thailand

Today, the leading Web3 market data infrastructure provider in Southeast Asia, Treno Scope, officially announced the launch ...

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.

24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data

Cybernews researchers found an exposed database with 24 billion credential records, raising fresh risks from password reuse ...
MUO on MSN

I fixed Claude's memory problem with a Postgres database and it changed everything

My AI stopped having goldfish syndrome.
techtimes

GitHub Copilot Replaces GPT-4 With Project Polaris, Ships Multi-Agent VS Code at Build

An audience member seated near a Microsoft logo listens as Microsoft Chairman and Chief Executive Officer Satya Nadella speaks during the Microsoft Build conference opening keynote in Seattle, ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
marktechpost

Meet GitNexus: An Open-Source MCP-Native Knowledge Graph Engine That Gives Claude Code and Cursor Full Codebase Structural Awareness

There is a quiet failure mode that lives at the center of every AI-assisted coding workflow. You ask Claude Code, Cursor, or Windsurf to modify a function. The agent does it confidently, cleanly, and ...
The New York Times

Anthropic’s Leaked Code Tests Copyright Challenges in A.I. Era

Artificial intelligence tools are making it faster than ever to reproduce creative work. Does copyright even matter anymore? By Meaghan Tobin Reporting from Taipei, Taiwan Sigrid Jin was waiting to ...