After GitHub outages, OpenAI begins building a rival code repository

The decision reportedly follows a series of service outages that have disrupted developer workflows on GitHub in recent ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
DataBreachToday

Malicious Repo Files Could Hijack Claude Code Sessions

Check Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands ...

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days ...

Moderne Expands Its Agent Tools Platform with a High-Speed Code Search for Coding Agents

Moderne, the Agent Tools company for AI-driven software engineering, today announced the expansion of its Agent Tools platform with the introduction of Moderne Trigrep, a high-speed code search ...

How to Use Claude Code to Draw Amazing Diagrams With Excalidraw

Claude Code diagram workflow uses an Excalidraw skill to generate and complex visuals are built section by section ...
InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...
Security Boulevard

Shifting Security Left for AI Agents: Enforcing AI-Generated Code Security with GitGuardian MCP

In this article, we will explore the hot topic of securing AI-generated code and demonstrate a technical approach to shifting ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Opinion

What Supply Chain Attacks Really Want: Your Secrets

In our incident analysis, we examined more than 30,000 attacker dumps and tied the exposed secrets to 1,195 organizations worldwide, including banks, government bodies and large technology companies.