Communications of the ACM

Good Vibes: AI Coding Tools and Platforms

Technology that helps write computer code is not new, but advances in generative AI (GenAI) and agentic AI have catapulted ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
How-To Geek on MSN

10 VS Code extensions I can't live without

Try these extensions and you'll wonder how you ever lived without them!
Developer Tech

AI coding tools write more code, but developers carry the risk

OpenAI president Greg Brockman says AI coding tools can write up to 80% of code, but human review and security checks still ...

What’s a coding course for in the age of AI? Maybe not learning to write it

Intro to Programming courses at NC State still have a no-AI policy. Heckman and Roberts are committed to that, unlike Jordan.
InfoWorld

Building AI apps and agents with Microsoft Foundry

Microsoft’s Azure-based AI development and deployment platform shines with a strong selection of models and agent types and ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
InfoQ

GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...
Cryptopolitan on MSN

Malicious SAP npm packages target crypto wallet data

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware. Users urged to update now.