SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A researcher has disclosed the details of a prompt injection attack method named ‘Comment and Control’, which has been found to work against several popular AI code security and automation tools. The ...
VentureBeat

Intuit compressed months of tax code implementation into hours — and built a workflow any regulated-industry team can adapt

When the One Big Beautiful Bill arrived as a 900-page unstructured document — with no standardized schema, no published IRS forms, and a hard shipping deadline — Intuit's TurboTax team had a question: ...
Bleeping Computer

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...
Ars Technica

Anthropic says its leak-focused DMCA effort unintentionally hit legit GitHub forks

An Anthropic-backed DMCA effort to remove its recently leaked Claude Code client source code from GitHub this week resulted in the accidental removal of many legitimate forks of its official public ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
TechCrunch

Why Garry Tan’s Claude Code setup has gotten so much love, and hate

Y Combinator’s famed CEO Garry Tan told a SXSW audience that he’s got “cyber psychosis” and is barely sleeping because he’s so excited to be working with AI agents. “I sleep, like, four hours a night ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Forbes

Gene Editing Has Struggled To Go Commercial. This Nobel Laureate Has A $1 Billion Plan To Fix That.

Crispr’s ability to cut genetic code like scissors has just started to turn into medicines. Now, gene editing pioneer Jennifer Doudna wants to build an entire ecosystem to bring these treatments ...
InfoWorld

GitHub previews support for Claude and Codex coding agents

GitHub is adding support for the Anthropic Claude and OpenAI Codex coding agents, via its Agent HQ AI platform. The capability is in public preview. Copilot Pro+ and Copilot Enterprise users now can ...