Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Visual Studio Magazine

Comparing Amazon Q and GitHub Copilot Agentic AI in VS Code

This head-to-head test compared Amazon Q Developer and GitHub Copilot Pro using a real-world editorial workflow to evaluate their performance as 'agentic' assistants beyond simple coding. Both tools ...
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...
The Caledonian-Record

GLM-5 Launch Signals a New Era in AI: When Models Become Engineers

SINGAPORE - Media OutReach Newswire - 19 February 2026 - GLM-5, newly released as open source, signals a broader shift in artificial intelligence. Large language models are moving beyond generating ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
The Hacker News

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Quesma Releases OTelBench: Independent Benchmark Reveals Frontier LLMs Struggle with Real-World SRE Tasks

New benchmark shows top LLMs achieve only 29% pass rate on OpenTelemetry instrumentation, exposing the gap between ...

Vibe coding is coding, period

As AI tools such as Claude Code take off, most of the world’s software may end up being written by software. Hello, and welcome back to Fast Company’s Plugged In.
The New York Times

This A.I. Tool Is Going Viral. Five Ways People Are Using It.

Claude Code generates computer code when people type prompts, so those with no coding experience can create their own programs and apps. By Natallie Rocha Reporting from San Francisco Claude Code, an ...