Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that ...

Japanese Researchers Unlock a Powerful New Way To Edit and Assemble DNA

Silver nanoparticles provide a more efficient way to cut and assemble DNA, improving recovery rates and boosting DNA joining ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and security checks needed.
VentureBeat

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Between May 6 and 7, four security research teams published findings about Anthropic’s Claude that most outlets covered as three separate stories. One involved a water utility in Mexico, another ...
Android Police

I'm finally learning to code, and I have NotebookLM to thank for it

Irene Okpanachi is a Features writer covering Android devices, laptops, portable projectors, VR headsets, software, and AI recorders for Android Police and Talk Android. She has five years' experience ...
VentureBeat

Why AI coding agents aren’t production-ready: Brittle context windows, broken refactors, missing operational awareness

In the pre-large language model (LLM) Stack Overflow era, the challenge was discerning which code snippets to adopt and adapt effectively. Now, while generating code has become trivially easy, the ...
GitHub

Temporal Segment Networks (TSN)

We have released MMAction, a full-fledged action understanding toolbox based on PyTorch. It includes implementation for TSN as well as other STOA frameworks for various tasks. We highly recommend you ...
Bleeping Computer

Malicious PyPI package with 37,000 downloads steals AWS keys

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to ...
InfoWorld

Visual Studio Code vs. Sublime Text: Which code editor should you use?

In my comparisons of JavaScript editors and JavaScript IDEs, my top recommendations often include Sublime Text (as an editor) and Visual Studio Code (as either an editor or an IDE). Neither is ...
InfoWorld

The best Python libraries for parallel processing

Python is powerful, versatile, and programmer-friendly, but it isn’t the fastest programming language around. Some of Python’s speed limitations are due to its default implementation, CPython, being ...