Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Windows Report

Mozilla Warns Clean GitHub Repositories Can Trick Claude Code Into Running Malware

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Windows Latest

Microsoft called Linux a cancer, now ships its own free distro that’s nothing like Ubuntu or Fedora

Azure Linux 4.0 is Microsoft's own Fedora-derived Linux distro for Azure cloud workloads. Here is how it compares to Ubuntu, ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Tom's Hardware on MSN

AI coding agents can be tricked into installing malware via 'clean' GitHub repositories

Three levels of indirection, all with seemingly innocuous steps, will catch a bot off-guard.
InfoWorld

Using Visual Studio Code’s ‘air-gapped’ AI model mode

VS Code can use LLM models other than GitHub Copilot’s built-in providers for AI-assisted development, including local and ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...
How-To Geek on MSN

I stopped maintaining 30 JSON files by hand with this one tool

Connect all your configuration files and autogenerate code—Jsonnet is the missing piece for large code bases.

Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that ...
InfoWorld

Making Windows a developer platform, again

Microsoft is delivering tools to quickly configure Windows PCs as workstations for Windows and Linux development.
The Hacker News

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...