Look to these tools to improve your AI coding practices and the quality, security, and reliability of your AI-generated code.
Overview Windsurf and Amazon Q Developer, two familiar AI coding brands, will have each moved into different product areas by ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Administrators of the open-source game engine Godot have blocked automated code submissions to protect repository governance and fix review backlogs.
“Honestly, AI slop [pull requests] are becoming increasingly draining and demoralizing for #Godot maintainers,” Verschelde ...
Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Agentic coding tools vulnerable to command execution via DNS records ...
The release includes an embedded MCP server that exposes Spring project analytics to AI coding assistants, along with first-class support for Spring AI and automated property refactoring.
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results