InfoWorld

Visual Studio Code locks down untrusted code

Workspace Trust feature in VS Code 1.26 lets users configure whether code in a project folder can be executed by VS Code ...
InfoWorld

VS Code stops trusting your code by default

VS Code 1.26 prevents automatic code execution for new project folders, lets users configure whether code can be executed ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

YouTube ad blocker with 11 million installations with possible backdoor

Adblock for YouTube has over 11 million installations. However, it can inject script code into any page uncontrollably.

Node.js 24.18.0(LTS)リリース、暗号やHTTP機能などの機能強化

CodeZineは、株式会社翔泳社が運営するソフトウェア開発者向けのWebメディアです。「デベロッパーの成長と課題解決に貢献するメディア」をコンセプトに、現場で役立つ最新情報を日々お届けします。
Developer Tech

OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

コーディング代行の[CODING ARMY]がFigmaデザイン×Claude CodeによるWeb ...

デザイン制作からコーディングまでをワンストップで代行。Figma×Claude Codeの活用で制作工数50%以上の削減を実現し、大規模サイトの制作・内製化を支援 Webサイトのコーディング代行サービス「CODING ARMY(コーディングアーミー)」を運営する株式会社ジェー・ピー・シー(以 ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.