Bleeping Computer

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

How an engineer ensured Claude Code source code leak stays on GitHub despite Anthropic's takedown notice

Anthropic's AI coding assistant's source code leaked, prompting swift copyright takedowns on GitHub. However, one engineer ingeniously bypassed these measures by using AI tools to rewrite the code in ...