Bleeping Computer

Fake Next.js job interview tests backdoor developer's devices

A coordinated campaign targeting software developers with job-themed lures is using malicious repositories posing as legitimate Next.js projects and technical assessment materials, including ...
DevPro Journal

When AI coding agents can see your APIs: Closing the context gap in autonomous development

Autonomous coding agents have evolved from novelty to practical collaborators. Given a prompt like “build a service that ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...