Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Visual Studio Magazine

Spring AI 2.0 Goes GA, Giving Java Developers a More Mature AI App Stack

Spring AI 2.0 advances the Java framework for generative AI apps with a Spring Boot 4 baseline, cleaner agentic tooling, Model Context Protocol support and vendor-backed integrations including Azure ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
techtimes

GitHub Copilot Replaces GPT-4 With Project Polaris, Ships Multi-Agent VS Code at Build

An audience member seated near a Microsoft logo listens as Microsoft Chairman and Chief Executive Officer Satya Nadella speaks during the Microsoft Build conference opening keynote in Seattle, ...

Apple takes over Swift Package Index, vows to remove GitHub dependency

The Swift Package Index (SPI), a search engine for open source packages for the Swift programming language, is now part of ...
Cryptopolitan on MSN

Cordyceps flaws let anyone with a free GitHub account hijack CI/CD pipelines at Microsoft, Google, and Apache

Security firm Novee has revealed Cordyceps as a class of exploitable CI/CD vulnerabilities across open-source repositories ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
Windows Latest

Microsoft called Linux a cancer, now ships its own free distro that’s nothing like Ubuntu or Fedora

Azure Linux 4.0 is Microsoft's own Fedora-derived Linux distro for Azure cloud workloads. Here is how it compares to Ubuntu, ...

What is vibe coding?

Discover vibe coding, a trend that simplifies software creation using AI and plain language prompts instead of traditional ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook for others to do the same to other chatbots.