InfoWorld

Microsoft MCP server gives AI assistants access to MSBuild logs

The Microsoft Binlog MCP Server enables AI-powered build failure diagnosis, property tracing, performance analysis, and build ...

Page 3: Where the Compiler Remains Silent

The compiler infers, but does not take instructions. There is no syntax for explicit type declarations yet, and the new type ...

Don’t Let the Model Grade its Own Homework

When I watch our trade start handing its tests to language models, I don't feel relief. I feel the same itch I get when a release goes too quiet.
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
InfoWorld

Azul offers free JVM vulnerability risk assessment

Azul’s free risk assessment for Java estates addresses the blind spot that autonomous AI exploitation tools are increasingly ...

Exclusive: Chainguard extends Repository scanning and policies to Java, Python and containers

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
HealthcareInfoSecurity

Aikido Buys Root for $70M to Automate Open-Source Patching

Belgian software vendor Aikido Security acquired Boston-based Root for $70 million to embed automated vulnerability ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

OpenAI sets up 'warroom' to investigate users burning through Codex credits faster than usual

OpenAI investigates Codex's usage limit depletion that's impacting some users. The company has reset user caps to address the ...

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
SecurityWeek

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.