InfoQ

Microsoft Brings AI-Powered Vulnerability Remediation to Azure DevOps with Copilot Autofix

Microsoft has announced the limited public preview of Copilot Autofix for GitHub Advanced Security for Azure DevOps, ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
SecurityWeek

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks

Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, creating a new software supply ...

Listen out for the sssssnakes

At Soulpepper and Outside the March’s Medusa, headphones offer audiences a chance to hear Medusa’s serpents for themselves ...
latesthackingnews.comOpinion

Amazon Q’s MCP Flaw Is an Industry Warning: AI Tools Still Lack Workspace Trust Standards

CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
U.Today

XRP Ledger Foundation to Create Open-Source Lending Blueprint With New Partner

XRPLF and VS1 Finance are building an open-source compliance framework for permissioned lending on the XRP Ledger — aimed at ...