SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
MUO on MSN

The 6 VS Code extensions I wish I'd installed years ago

Stop coding without these extensions ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
GitHub

A fast, lightweight text editor for Markdown, JSON, YAML, and TOML files. Built with Rust and egui for a native, responsive experience.

We've addressed this through code signing, build profile adjustments (disabled symbol stripping, speed optimization), and reporting to Microsoft's Security Intelligence portal. Ferrite does NOT access ...
every

Claude Code Is the OpenClaw

Was this newsletter forwarded to you? Sign up to get it in your inbox. OpenClaw showed the world what an AI assistant could look like. The open-source project became the most-starred software project ...
Visual Studio Magazine

Open VSX 1.0.0 Puts Focus on Open Extension Registry for VS Code Ecosystem

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.