Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
AOL

Don't learn to code! AI will take your job. Tech companies are hiring philosophers instead

Not long ago, "learn to code" served as an earnest suggestion for college students as a path towards making a good living. Now, things have flipped. Computer scientists have flooded the field, leading ...
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub ...
Bleeping Computer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...
Popular Mechanics

The Ingenious Machine That Broke the ‘Unbreakable’ Nazi Code

The mechanism known as the Bombe was England’s answer to Germany’s Enigma encryption machine. Bombe electrical data plus human clues allowed Alan Turing and others to crack many Enigma messages. In ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft ...
Futurism

Sam Altman’s Coworkers Say He Can Barely Code and Misunderstands Basic Machine Learning Concepts

Sam Altman, OpenAI’s CEO and the public face of ChatGPT, has carved out an image for himself as one of the preeminent AI whisperers of our age, whose influence supposedly extends to the White House on ...
TechCrunch

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic accidentally caused thousands of code repositories on GitHub to be taken down while trying to pull copies of its most popular product’s source code off the internet. On Tuesday, a software ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...