Anthropic’s Code with Claude showed off coding’s future—whether you like it or not At Anthropic’s developer event in London ...

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.

Foundation celebrates five additional members, new cyber reasoning sandbox project, and release of v1.0.0 Python Secure ...

Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for ...

A research team at Mohamed bin Zayed University of Artificial Intelligence published a finding in April 2026 that has gained traction in engineering circles for reasons that go beyond its headline ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...

Dify, a popular low-code AI application development platform with over 142,000 stars on GitHub, was found to contain critical vulnerabilities that allowed a one-click account takeover. Imperva ...

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...