Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a victim's repositories, including private ones. They could have initiated ...
MUO on MSN

VS Code finally has a serious rival, and it feels absurdly fast

I switched for speed and stayed for everything else.

Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...
Infosecurity Magazine

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...
The Cornell Daily Sun

Alumnus Injured in Car Incident Banned From Campus, Alleges CUPD Officer Entered Residence Without Permission or Warrant

Aiden Vallecillo ’26, whose foot was run over in the April 30 car incident involving President Kotlikoff and a group of ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows ...

The head of Claude Code hasn’t written a line of code by hand in 8 months

Boris Cherny was asked at Brainstorm Tech if he was concerned about the rapid progress of AI: "Yes." ...
The Hacker News

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

FROST uses JavaScript and OPFS SSD timing to identify websites at 88.95% F1, exposing cross-browser privacy leaks.

Three free office suites vs. Microsoft 365 – technology comparison

The real difference lies deeper – because where should a web office suite run in the first place? All answers are legitimate: ...