Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Tech Times

Most AI Models Would Run Your Company Into the Ground, Princeton’s CEO-Bench Finds

Princeton’s CEO-Bench gave 14 AI models $1 million to run a simulated SaaS startup for 500 days. Most went bankrupt or lost ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

AgileAI Labs Unveils Spec2TestAI's Natural Language No-Code Automated Testing Tool

Addressing the pervasive challenges within the software development lifecycle (SDLC), such as poorly defined requirements, ...
The Currency Analytics

AI Stock Bots Give Beginners Free Trials Across 4 Major Platforms in 2026

AI trading bots are cheaper to try than ever. In 2026, a wave of platforms now lets beginners test automated stock strategies ...
Elektor Magazine

Time lapse timed photography on Raspberry Pi_Zero Ver-2

Lapse… so does this $25 Raspberry Pi Zero! Tiny, lightweight, and incredibly versatile. Mount it anywhere—from rooftops to ...
Tom's Hardware on MSN

AI coding agents can be tricked into installing malware via 'clean' GitHub repositories

Three levels of indirection, all with seemingly innocuous steps, will catch a bot off-guard.
InfoWorld

Making Windows a developer platform, again

Microsoft is delivering tools to quickly configure Windows PCs as workstations for Windows and Linux development.
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

How to Use ChatGPT Codex for PC Automation and Organization Every Day

Master ChatGPT Codex in 2026 with our comprehensive guide. Explore local automations, custom plugins, and memory features to ...