Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...

CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...

By registering the LongCat-2.0 repository under the open-source MIT License, Meituan positions the architecture with maximum ...

Ornith 1.0 by DeepReinforce is meant for developers who want AI that finishes the job, not just autocompletes the next line.

Figma wowed the app design community with new features announced at its annual Config event last week - but the big story was ...

Exclusive: Agentic coding startup Baz brings code reviews to the planning stage as it extends seed funding to $17M - ...

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...

The IOCCC29 winner writes each frame as fresh C source, compiles it, then runs it.

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

China now has an open-weight model that can find software vulnerabilities and create attacks for anybody to use.

Chainguard is expanding Repository with new policy controls, malware and greyware scanning, and support for Java, Python, and container artifacts-helping organizations govern software consumption ...