Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...
InfoWorld

Making Windows a developer platform, again

Microsoft is delivering tools to quickly configure Windows PCs as workstations for Windows and Linux development.

CData targets AI developers with governed data access tools

CData CLI, is a command-line tool that enables developers to build and test integrations using CData’s connectors. The company says the tool is optimized for AI-assisted development environments while ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...
Flickering Myth

G.I. Joe Exquisite Mini Series Cobra Officer action figure revealed by Hiya Toys

Following on from the recent Battle Android Trooper and Python Patrol Crimson Guard reveals, Hiya Toys has now announced that ...
CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
How-To Geek on MSN

I stopped using beginner Linux distros, and my workflow finally made sense

When you've used Linux for over 20 years, you don't need much hand-holding.