News

Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs.
Open source's superior security is a matter of eyeballs: Be kind to the brains behind them
Opinion The speedrun is one of the internet's genuinely new artforms. At its best, it's akin to a virtuoso piano recital.
Visual Studio Magazine7d
Forked Again: AWS's Kiro Is Latest AI Assistant Based on VS Code
AWS has launched Kiro, a spec-driven, agentic AI IDE based on Visual Studio Code. It joins a growing lineup of VS Code forks ...
The Hacker News7d
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
APT28 targets Ukrainian government officials with a phishing campaign delivering LAMEHUG malware, utilizing Alibaba Cloud’s ...
XDA Developers on MSN9d
I use these VS Code extensions to make coding in Python easier
Discover the game-changing VS Code extensions that every Python developer needs. Boost productivity, catch errors in real-time, and make coding more intuitive with these must-have tools.
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public ...
Mitigating the risks of package hallucination and 'slopsquatting'
In 2024, cybersecurity experts started to warn of a new threat to the software supply chain. Named 'slopsquatting', it is a ...