InfoWorld

Microsoft MCP server gives AI assistants access to MSBuild logs

The Microsoft Binlog MCP Server enables AI-powered build failure diagnosis, property tracing, performance analysis, and build ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
InfoWorld

Azul offers free JVM vulnerability risk assessment

Azul’s free risk assessment for Java estates addresses the blind spot that autonomous AI exploitation tools are increasingly ...
SecurityWeek

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Exclusive: Chainguard extends Repository scanning and policies to Java, Python and containers

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...

Don’t Let the Model Grade its Own Homework

When I watch our trade start handing its tests to language models, I don't feel relief. I feel the same itch I get when a release goes too quiet.