CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...
The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
ADTmag

CodeRabbit Launches Slack Agent Aimed at Broader Software Development Workflow

CodeRabbit, an artificial intelligence startup focused on code review, said on Wednesday it is expanding into team collaboration software with a new Slack-based agent designed to follow engineering ...
TMCnet

Symmetry Systems Expands Platform Capabilities with Symmetry AIGuard Enhancements, Million-Node Graph Visualization, and Claude Code Integration

SAN MATEO, Calif., April 9, 2026 /PRNewswire/ -- Symmetry Systems, the Data+AI security company, today announced a series of new and expanded capabilities in its quarterly platform update that give ...
TechCrunch

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic accidentally caused thousands of code repositories on GitHub to be taken down while trying to pull copies of its most popular product’s source code off the internet. On Tuesday, a software ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
Bleeping Computer

Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing’s AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Attackers can inject malicious instructions in a GitHub Issue that are automatically processed by Copilot when launching a Codespace from that issue. A vulnerability in GitHub Codespaces could have ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions. Microsoft has introduced C++ ...
IEEE

A Systematic Literature Review of Visualization in Code Clone Detection Models

Abstract: Code clones, which are instances of the same code segments copied in a software system, are created by developers for a variety of purposes. Code duplication is frequently brought on by ...