Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
How-To Geek on MSN

3 must-have Linux apps to try this weekend (Jun 26-28)

Three tools that fix the terminal annoyances you've stopped noticing.
The Hacker News

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

This week's ThreatsDay Bulletin covers curl flaws, a critical Hoppscotch bug, smart TV proxyware, macOS ClickFix attacks, ...
InfoWorld

Making Windows a developer platform, again

Microsoft is delivering tools to quickly configure Windows PCs as workstations for Windows and Linux development.
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Infosecurity Magazine

macOS Backdoor Uses Prompt Injection to Evade AI Triage

A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.