Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...
Visual Studio Magazine

Open VSX 1.0.0 Puts Focus on Open Extension Registry for VS Code Ecosystem

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
Goodwood

The robotics boss who’s rewriting the rulebook

Eleanor Tang-Smith co-founded a robotics company from scratch, having never written a line of code in her life. The former ...

The White House said Anthropic’s powerful AI was ‘jailbroken.’ Here’s what that means.

It’s surprisingly simple to trick chatbots into breaking their own rules and spilling forbidden knowledge. Even poems and ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Goodwood

OLO: the Sheffield startup teaching everyone to speak robot

Sheffield startup OLO Robotics has built a way to program robots from a web browser, no PhD or coding experience required.
The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one ...
Memeburn

Microsoft's GitHub Repos Were Hacked to Steal AI Developer Passwords

Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code ...
Tom's Hardware on MSN

Hades malware campaign now tricks AI bots by injecting text about biological and nuclear weapons

This is probably the dictionary illustration for "deceptively simple." ...
Infosecurity-magazine.com

New “Agentjacking” Attacks Could Hijack AI Coding Agents

Researchers have revealed what they claim to be a “new class of attack” which tricks AI coding agents into executing arbitrary code on developer machines. Tenet Security, which specializes in the ...
CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...