Attackers created at least 292 fake GitHub repositories that impersonated developer tools and redirected users to ...
Meta Astryx design system is back on GitHub Trending, with a JSON manifest CLI that gives AI coding agents a machine-readable ...
Grok Build uploaded full Git repositories to xAI cloud storage before xAI disabled the behavior and Musk pledged to delete ...
X open source codebase pledge: Elon Musk announced X will publish its entire codebase after a security vulnerability review ...
AI has open-sourced Grok Build, its coding agent, after privacy concerns over how AI coding tools handle private repositories ...
Grok Build open source release arrives hours after xAI's covert upload scandal, but security researchers confirm the code ...
Stolen and leaked credentials lead to Node.js packages from AsyncAPI and Jscrambler Code Integrity being poisoned with ...
Anaconda has acquired Kilo Code, an open-source, model-agnostic platform that embeds AI agents into the tools developers use to build software. The deal brings Kilo’s community of more than three ...
A fake GitHub repository campaign created hundreds of malicious projects that impersonated legitimate software and cybersecurity tools. The repositories directed users to deceptive download pages that ...
Accenture Confirms Data Breach After Source Code Theft A threat actor claims to have stolen thirty-five gigabytes of internal development data including cloud access keys and tokens.
Upwind traces multiple compromised AsyncAPI npm packages to a coordinated supply chain attack targeting software release pipelines and publishing identities.
China’s Claude Code warning raises questions about undisclosed monitoring, regional restrictions, and enterprise AI security ...