SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
InfoQ

Million PDFs: Building a Modern Document Infrastructure with Rust and Typst

Erik Steiger discusses the operational pain of legacy PDF generation in regulated banking and manufacturing. He explains how ...
SecurityWeek

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.
ADTmag

TomEE 11 Milestone and Hibernate ORM 8 Beta Signal Jakarta EE Modernization Push

Open-source Java projects advance Jakarta EE compatibility, persistence capabilities, and developer tooling as enterprise teams prepare for the next generation of Java applications.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
TMCnet

AgileAI Labs Unveils Spec2TestAI's Natural Language No-Code Automated Testing Tool

Software Development Teams build an end-to-end project knowledge base that self-improves generating enhanced, fully traceable ...
IEEE

Attributing ChatGPT-Generated Source Codes

Abstract: AI assistants such as ChatGPT have remarkable human-like capabilities, producing natural language and programming language utterances. Despite that, ChatGPT could facilitate academic ...
Visual Studio Magazine

Open VSX 1.0.0 Puts Focus on Open Extension Registry for VS Code Ecosystem

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.

OpenAI unveils first chip as part of Broadcom deal in effort to 'build the full stack'

Eight months after announcing a custom chip deal, OpenAI and Broadcom are revealing their first joint project: Jalapeño.
GitHub

PDF Parser for AI-ready data. Automate PDF accessibility. Open-source.

🔍 PDF parser for AI data extraction — Extract Markdown, JSON (with bounding boxes), and HTML from any PDF. #1 in benchmarks (0.907 overall). Deterministic local mode + AI hybrid mode for complex ...