Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
MIT Technology Review and Microsoft rank 101 agent tasks by practitioner confidence. Report generation tops the index while ...
GitHub secret scanning now extends beyond org-owned repositories: Public Monitoring scans all of GitHub.com in real time, ...
The first proposed catalog of 'configuration smells' reveals widespread issues like context bloat, skill leakage, and conflicting instructions that can make coding agents less reliable and more ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Visual Studio Code 1.126 adds session-level Copilot cost information, continuing Microsoft's recent focus on helping developers monitor and manage usage-based GitHub Copilot billing.
AI agents waste massive cloud space, so block this bloat early with strict policy checks, illustrated using Terraform and ...
The persistent memory system addresses a real and widely felt pain point in agentic development workflows — one that competitors are also racing to solve.