Canadian Criminal Code reforms making coercive control, sharing sexual deepfakes crimes

Brenda Ottenbreit has felt the harm caused by coercive control. It's why she's fought so hard to see it criminalized. Now, ...

Trump's AI controls spark free speech debate

Trump's export controls are prompting researchers to explore a new constitutional argument: that interacting with frontier AI ...

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Game Rant

Boruto: 8 Strongest Characters Above Naruto's Level

Naruto Uzumaki is a living legend, but several of Boruto's strongest characters have moved beyond his power level.
Visual Studio Magazine

Open VSX 1.0.0 Puts Focus on Open Extension Registry for VS Code Ecosystem

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
Decrypt

A New OpenClaw Competitor: ToqanClaw Promises Privacy in AI Agent Race

Prosus launched ToqanClaw, a no-code AI platform positioned as a European, GDPR-compliant alternative to AI agents like ...

Read this before you vibe-code another app

Your dream vibe-coded app might be a security nightmare.