Developer Tech

Check Point: AI coding assistants are leaking API keys

Check Point researchers have found that popular AI coding assistants are unintentionally leaking sensitive internal data, ...
The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...
Gigwise

The Tools Behind Today’s Indie Game Boom, And How Developers Keep Them Online

The indie gaming world has absolutely blown up in the past ten years. Small teams and solo developers are making games that ...
Analytics Insight

Anthropic Clarifies Claude Code Struggles were Accidental, Not Strategic

Recent complaints from developers about slower responses and weaker outputs from Claude Code have sparked widespread ...
Dark Reading

DPRK Fake Job Scams Self-Propagate in 'Contagious Interview'

A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...
Unite.AI

Chainguard and Cursor Partner to Secure the Future of AI-Generated Code

Chainguard has announced a partnership with Cursor that directly addresses one of the fastest-growing risks in software development: trusting code generated by AI agents. As development workflows ...

India’s open-code approach faces an AI stress test as new tools like Anthropic's Mythos expose hidden flaws

Anthropic, OpenAI and others have developed AI tools that can spot hidden gaps in software for fixing. India’s use of ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...