The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.
InfoQ

OpenAI Publishes Codex App Server Architecture for Unifying AI Agent Surfaces

OpenAI has recently published a detailed architecture description of the Codex App Server, a bidirectional protocol that decouples the Codex coding agent's core logic from its various client surfaces.
GitHub

react-native-community/javascriptcore

This library only supports React Native 0.79 and above with new architecture enabled.
Wall Street Journal

The Car Industry Is Racing to Replace Chinese Code

How Chinese is your car? Automakers are racing to work it out. Modern cars are packed with internet-connected widgets, many of them containing Chinese technology. Now, the car industry is scrambling ...
Yahoo

Axe for service that costs £98 per passenger to run

Add Yahoo as a preferred source to see more of our stories on Google. The Combined Authority is reviewing a number of bus services around Cambridgeshire [Steve Hubbard/BBC] The last stop has been ...
Infosecurity-magazine.com

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a single malicious spreadsheet formula. The issue was uncovered by Cyera ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...