Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The RegisterOpinion

Indie web browser Ladybird flutters toward Rust with a little help from AI

Ladybird started out as the built-in native web browser of the Serenity OS project, which we tried out and wrote about in ...

Who is Anthropic's Boris Cherny who has made a Doomsday prediction for engineers

Boris Cherny is the lead engineer at AI giant Anthropic, best known as the creator of Claude Code, a tool made to help ...

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days later, they shipped Claude Code Security. Here's what reasoning-based ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.