Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.

Connect all your configuration files and autogenerate code—Jsonnet is the missing piece for large code bases.

Lemon.io's 2026 rate report, based on real contracts with 2,500+ vetted developers, shows that senior software developer ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

Explore the leading application security tools of 2026 designed for enterprises. Understand their features, pricing models, and integration guidance for Indian and APAC businesses to enhance cyber ...

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

VS Code can use LLM models other than GitHub Copilot’s built-in providers for AI-assisted development, including local and ...

Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...