Meta's new structured prompting technique makes LLMs significantly better at code review — boosting accuracy to 93% in some cases

This technique can be used out-of-the-box, requiring no model training or special packaging. It is code-execution free, which ...
HealthcareInfoSecurity

OpenAI's Coding Agent Flaw Exposed GitHub Passwords

Security researchers at BeyondTrust Phantom Labs discovered a critical flaw in OpenAI's Codex coding agent that allowed an ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

Claude Code source leak reveals how much info Anthropic can hoover up about you and your system

For those who recall the debate surrounding Microsoft Recall not long ago, Claude Code's capture of activity is similar.

GitHub to Train AI With User Data by Default

If you have a code repository or other work stored in GitHub, you need to be aware of a major change at the service.

GitHub Copilot will use your data for AI training by default, but you can opt out

GitHub describes this training data as inputs, outputs, code snippets, and associated context, but the fine print goes into ...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

Moderne Expands Its Agent Tools Platform with a High-Speed Code Search for Coding Agents

Moderne, the Agent Tools company for AI-driven software engineering, today announced the expansion of its Agent Tools platform with the introduction of Moderne Trigrep, a high-speed code search ...
The Hacker News

The Real Problem Isn't That AI Can't Write Secure Code - It's That It's Expanding Attack Surface

AI-driven development accelerated credential sprawl in 2025, with 28.65M secrets detected, expanding attack surface and remediation strain.
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
Infosecurity Magazine

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by ...