North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Will You 'Vibe Code' Cybersecurity Software?

AI software continues to increase in capability. We saw the virality of what is now referenced as OpenClaw in contextualizing ...

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Opinion

Obedient Traders Respond to Claude Code Cybersecurity Plugin by Selling Cybersecurity Stocks

💥BREAKING: This tweet from Claude AI just wiped out over $15 BILLION from cybersecurity stocks. Millions of jobs and companies just got replaced. https://t.co/uxfqUTHI0U pic.twitter.com/Ak55FTSG7p ...
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...

Opinion: Moltbook’s ‘vibe-coded’ breach is the future of security failures

Earlier this month, the now viral social network Moltbook exposed 1.5 million API authentication tokens and 35,000 email ...

Amazon: AI-assisted hacker breached 600 FortiGate firewalls in 5 weeks

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.
PCMag on MSN

Anthropic Rolls Out Autonomous Vulnerability-Hunting AI Tool for Claude Code

The new tool, now testing as part of Claude Code, can scan codebases for security vulnerabilities and suggest targeted software fixes for human review.