Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
InfoWorld

GitHub eyes restrictions on pull requests to rein in AI-based code deluge on maintainers

GitHub is weighing tighter pull request controls and AI-based filters after maintainers warned that a surge of low-quality, ...
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.
The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.

Qwen3-Coder-Next offers vibe coders a powerful open source, ultra-sparse model with 10x higher throughput for repo tasks

On SWE-Bench Verified, the model achieved a score of 70.6%. This performance is notably competitive when placed alongside ...

Visual Studio Code 1.109: Watch AI Models Think

In VS Code chat, AI agents can now ask follow-up questions and generate Mermaid diagrams, and Anthropic Claude models show ...
Dark Reading

Shai-hulud: The Hidden Cost of Supply Chain Attacks

Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to ...

China warns of security risks linked to OpenClaw open-source AI agent

By Che Pan and Brenda Goh BEIJING, Feb 5 (Reuters) - China's industry ministry on Thursday warned that the OpenClaw ...

Sixteen Claude AI agents working together created a new C compiler

Over two weeks and nearly 2,000 Claude Code sessions costing about $20,000 in API fees, the AI model agents reportedly produced a 100,000-line Rust-based compiler capable of building a bootable Linux ...

The Hottest New AI Agent Is Here – But It Has Some Experts Raising Alarms

Agentic AI has promised to revolutionize how people get things done. This new agent is the closest we've gotten to that, but it's not without its problems.