Bleeping Computer

Target employees confirm leaked source code is authentic

Multiple current and former Target employees have reached out to BleepingComputer to confirm that the source code and documentation shared by a threat actor online match real internal systems. A ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
TechCrunch

Ox Security lands a fresh $60M to scan for vulnerabilities in code

As “vibe coding” gains in popularity and tech companies push devs in their employ to embrace generative AI tools, a platform that scans for vulnerabilities in AI-generated code has raised a fresh ...
Lubbock Avalanche-Journal

City of Lubbock restores websites after finding 'potentially malicious code' on computer

The City of Lubbock announced that it has fully restored its websites a week after it took those sites offline due to a "potential security concern." On Tuesday, the City of Lubbock said that on Aug.

OpenClaw is a security nightmare - 5 red flags you shouldn't ignore (before it's too late)

OpenClaw is a security nightmare - 5 red flags you shouldn't ignore (before it's too late) ...