Reclaiming my time, one prompt at a time ...

GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Y Combinator’s famed CEO Garry Tan told a SXSW audience that he’s got “cyber psychosis” and is barely sleeping because he’s so excited to be working with AI agents. “I sleep, like, four hours a night ...

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

.NET C# developer Writing about AI-assisted software development. Focused on how modern tools change productivity ...