With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

I ditched my terminal for Claude's built-in code executor, and I'm not going back.

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.

CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a ...

Claude Code has made the digital photo tool Adobe Lightroom functional on Linux. The project began with a very simple prompt.

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...

Some time earlier this year, an employee at tech giant Meta built a system to track how much each staff member was using artificial intelligence (AI). Named “Claudeonomics” after the Claude chatbot, ...

Several SAP npm packages were exposed to a supply chain attack. The hacker group TeamPCP is behind it, say security researchers.