Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

McMahon wrote that the malware was likely vibe coded, and sloppily at that, leading to the so-called “fork bomb” that crashed ...
WinBuzzer

90% of Claude Code Output Lands in Low-Star GitHub Repos

Anthropic's Claude Code has surpassed 20 million GitHub commits, but 90% of output has landed in repos with fewer than two ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Open source isn't a tip jar – it's time to charge for access

Opinion Time and again, I see people begging for companies with deep pockets to fund open source projects. I mean, after all, ...
TMCnet

New Diffblue Testing Agent Automatically Generates Comprehensive Regression Test Suites To Derisk Application Modernization

Diffblue today announced the general availability of the Diffblue Testing Agent, an autonomous regression test generator that works with an enterprise's existing AI coding platform - GitHub Copilot, ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.
VentureBeat

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived ...
Microsoft

6 projects that helped Microsoft meet its renewable energy goal

From solar farms in Australia to hydroelectric power plants in the U.S., renewable energy projects are making more electricity available to homes, businesses and industries around the world. Microsoft ...
CNBC

Trump Project Vault stockpile will include any minerals listed as ‘critical’ by Interior Department

The Trump administration's Project Vault stockpile can include any of the more than 50 minerals listed as critical by the Interior Department. The minerals include rare earths, lithium, uranium and ...
Ars Technica

OpenAI picks up pace against Claude Code with new Codex desktop app

Today, OpenAI launched a macOS desktop app for Codex, its large language model-based coding tool that was previously used through a command line interface (CLI) on the web or inside an integrated ...