Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.
Dark Reading

Vulnerabilities & Threats

Vulnerabilities & Threats Insider Threats Сloud Security Amazon Q VS Extension Flaw Leads to Cloud Credential Theft Adversaries could plant a malicious repository that can execute arbitrary code and ...
Computerworld

Industry

Nextcloud CEO: Open source moves from 'a nerdy audience' to the geopolitical stage Frank Karlitschek, head of the German software vendor, talked about the company’s decision to help develop the ...