Cryptopolitan

Crypto wallets targeted in SAP-linked npm supply-chain attack

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A researcher has disclosed the details of a prompt injection attack method named ‘Comment and Control’, which has been found to work against several popular AI code security and automation tools. The ...
InfoQ

GitHub Actions Custom Runner Images Reach General Availability

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
Dark Reading

AI-Assisted Supply Chain Attack Targets GitHub

A threat actor appears to have used AI-assisted automation to make hundreds of exploit attempts against open source software repositories on GitHub. Fewer than 10% of the more than 450 exploitation ...
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should ...

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...
TechCrunch

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a ...

Anthropic accidentally caused thousands of code repositories on GitHub to be taken down while trying to pull copies of its most popular product’s source code off the internet. On Tuesday, a software ...
Ars Technica

Entire Claude Code CLI source code leaks thanks to exposed map file

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
Aclu.org

Live Coverage: No Kings National Day of Action

Our work continues — and the ACLU has a very big week ahead of us. On April 1, we'll be at the Supreme Court challenging President Trump's unconstitutional executive order that seeks to deny U.S.
Design News

3 Reasons Code Coverage Isn't Telling You What You Think

Code coverage is one of the most widely used quality metrics in embedded software development. Nearly every team I start working with tells me they aim to reach 80%+ code coverage. In fact, many ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...