ZDNet

How AI coding agents could destroy open source software

A couple of weeks ago, I had the opportunity to use Google's Jules AI Agent to scan through the entire code repository of one of my projects and add a new feature. The AI took about 10 minutes. All ...
Morning Overview on MSN

Vibe coding’s downsides are piling up, especially for open-source projects

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...
Dark Reading

Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities

Attackers are finding more and more ways to post malicious projects to Hugging Face and other repositories for open source artificial intelligence (AI) models, while dodging the sites' security checks ...
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Pervasive, evasive malware thought to have been eliminated has wormed its way back into development environments. Just a little over two weeks after GlassWorm was declared “fully contained and closed” ...

The open source blind spot in our supply chains

Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.
ZDNet

This new Claude Code Review tool uses AI agents to check your pull requests for bugs - here's how

Anthropic launches AI agents to review developer pull requests. Internal tests tripled meaningful code review feedback. Automated reviews may catch critical bugs humans miss. Anthropic today announced ...

Kusari Brings Enterprise-Grade AI Code Review & Dependency Management to CNCF and OpenSSF Communities

Kusari Inspector is now free to CNCF and OpenSSF projects, delivering AI-powered dependency, license and security ...