Security Boulevard

Cut your coding agent’s cost with Sonar Vortex

New benchmarks show semantic code graphs helping coding agents find change locations faster and complete updates more ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
InfoQ

Million PDFs: Building a Modern Document Infrastructure with Rust and Typst

Erik Steiger discusses the operational pain of legacy PDF generation in regulated banking and manufacturing. He explains how ...
InfoWorld

Visual Studio Code introduces restricted mode for untrusted folders

Workspace Trust feature in VS Code 1.26 lets users configure whether code in a project folder can be executed by VS Code ...
ADTmag

Spring Tools 5.2.0 Adds Experimental Claude Code Plugin and Spring AI Support

The release includes an embedded MCP server that exposes Spring project analytics to AI coding assistants, along with first-class support for Spring AI and automated property refactoring.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

Linux Foundation and Industry Leaders Launch Akrites to Defend Critical Open Source Software Against AI-Enabled Cyber Threats

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced Akrites, a ...

Exclusive: Chainguard extends Repository scanning and policies to Java, Python and containers

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...