New benchmarks show semantic code graphs helping coding agents find change locations faster and complete updates more ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
Spring AI 2.0 advances the Java framework for generative AI apps with a Spring Boot 4 baseline, cleaner agentic tooling, Model Context Protocol support and vendor-backed integrations including Azure ...
Chainguard is expanding Repository with new policy controls, malware and greyware scanning, and support for Java, Python, and container artifacts-helping organizations govern software consumption ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
A research team at Mahidol University, Thailand, has discovered that tosyl groups, long regarded as routine synthetic handles ...
Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
OpenAI announced a new initiative on Monday designed to help the open source community improve its cybersecurity game and ...
The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...