Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
InfoWorldOpinion

Open source grapples with agentic coding

Open source maintainers are right to be concerned about AI slop, but banning AI-generated code outright is a huge mistake.
Information Age

The Australians fighting AI slop in open-source code

AI has made our job harder – it has really flipped the script,” Sydney-based open-source software developer Lucy Liu tells ...
InfoWorld

GitHub Actions hardens checkout security to block ‘pwn request’ attacks

After years of trying to educate developers to use pull_request_target securely, the platform finally implements stronger ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
Memeburn

Microsoft Open-Source Tools Hacked to Steal AI Developers’ Passwords

Microsoft GitHub hack hit open-source AI tools, exposing developer passwords and cloud credentials. Here’s why SA tech teams ...

Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.
InfoQ

GitHub Copilot Desktop App Targets Parallel Agentic Workflows

GitHub has introduced the GitHub Copilot app, a desktop control centre for agent-native development that aims to keep ...
Bleeping Computer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...

Cysic Announces Open Source FPGA Code to Enable Private Payments, Verifiable AI and Instant Gaming on Ethereum L2s

San Francisco, CA, June 26th, 2026, ChainwireFirst public release of a complete FPGA implementation for zero‑knowledge ...

SpaceX Looks to Reshuffle the Deck in the Enterprise Coding Market With Its $60 Billion Deal for Cursor

Learn more With its historic IPO in the rearview mirror, Space Exploration Technologies (NASDAQ: SPCX), or SpaceX, turned its ...

Developer resource Swift Package Index to stay open source after Apple acquisition

The Swift Package Index is no longer independent as Apple has taken control, but it will remain an open source search engine ...