The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting Off the Infection

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
InfoQ

NodeJS Proposes Built-In Virtual File System, Sparking Debate Over AI-Generated Contributions

Matteo Collina has proposed a Virtual File System (VFS) for Node.js core through the node:vfs module. The proposal includes about 19,000 lines of code and addresses common workflow challenges. While ...
Memeburn

How to Use Grok in OpenClaw: OAuth & API Key Guide 2026

Learn how to connect Grok to OpenClaw using the new OAuth login or API key method. Step-by-step guide covers model selection, ...
CSO Online

TrapDoor malware campaign puts developer workstations in CISO spotlight

Malicious packages across npm, PyPI, and Crates.io show how poisoned developer workflows can become a route into enterprise systems.

AI Spurs A Cultural Shift In A 1,000-Developer Insurance Company

GNP Seguros, Mexico’s largest insurer, is seeing tangible results from its AI-assisted development work, with a five to ...

Microsoft’s new responsible tech lead on how to humanize high-speed AI development

Jenny Lay-Flurrie, head of Microsoft's Trusted Technology Group, says responsible tech is: How do we build it right? And how ...

Hackers breach GitHub and access 3,800 internal repositories now listed for sale

GitHub has said it found about 3,800 internal repositories accessed in the breach and stressed that these contained its own code rather than customer projects. The ...

Microsoft’s GitHub was positioned to win the AI coding race. Outages got in the way

GitHub's user base has swelled under Microsoft's ownership, but the software repository has fallen behind newer rivals in the ...
InfoWorld

An open-source toolkit for controlling out-of-control AI agents

Microsoft’s Agent Governance Toolkit brings runtime policy enforcement to autonomous agents, based on the OWASP top 10 agent ...

Taste Is When Machines Learn The Rules Nobody Wrote Down

In the AI age, "taste" is more than a buzzword. It's the unwritten rules a model must honor when correctness alone no longer ...