Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
China now has an open-weight model that can find software vulnerabilities and create attacks for anybody to use.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Akrites is a coalition of 19 organizations, including every major AI lab and Wall Street banks, built to defend open-source ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
The Linux Foundation introduces Akrites, a joint effort to report, fix, and disclose vulnerabilities in open source software.
DeepReinforce today released Ornith-1.0, a family of open-source coding models built around a mechanism most RL-trained agents avoid: the model itself writes the training harness that guides its own ...
It's not me Claude, it's your limits ...
Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
As AI tools flood open-source maintainers with low-quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.
‘Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...