I ditched VS Code for Zed instead of going for Google's Antigravity, and now the editor feels genuinely fast ...

The agent is doing the actual work, and VS Code is just a window.

D Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

開発者が日常的に使うツールが、最も危険な侵入口になった。GitHubの内部リポジトリが5月18日、不正アクセスを受け、2日後にハッカーグループ「TeamPCP」が、盗んだソースコードをサイバー犯罪フォーラムに売りに出した。侵入口となったのはVS Code拡張機能だ。開発者ツールを悪用した連鎖攻撃で、既存のセキュリティツールでは検知できない“ゼロCVEの死角”を突く――。新しい攻撃の形が、開発者エコ ...

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

A recent Stack Overflow survey found that more than 84% of developers are already using or planning to use AI tools in their workflow. After trying OpenAI Codex for myself, I understand why. Like many ...

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...