Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just getting started. I am loath to inform you that the first month of 2026 has ...
MIT Technology Review

AI coding is now everywhere. But not everyone is convinced.

Developers are navigating confusing gaps between expectation and reality. So are the rest of us. Depending who you ask, AI-powered coding is either giving software developers an unprecedented ...
Microsoft

Language-to-Code Translation with a Single Labeled Example

Tools for translating natural language into code promise natural, open-ended interaction with databases, web APIs, and other software systems. However, this promise is complicated by the diversity and ...
Gizmodo

OpenAI, Anthropic, Others Receive Warning Letter from Dozens of State Attorneys General

In a letter dated December 9, and made public on December 10 according to Reuters, dozens of state and territorial attorneys general from all over the U.S. warned Big Tech that it needs to do a better ...
GitHub

Production-tested commands, skills, and patterns for Claude Code

A collection of plugins, skills, and patterns developed through 6+ months of daily Claude Code use. Copy what works, adapt to your needs. What's included: 28 commands, 5 agents, and 6 domain skills ...
TechCrunch

Amazon previews 3 AI agents, including ‘Kiro’ that can code on its own for days

Amazon Web Services on Tuesday announced three new AI agents it calls “frontier agents,” including one designed to learn how you like to work and then operate on its own for days. Each of these agents ...
VentureBeat

Amazon's new AI can code for days without human help. What does that mean for software engineers?

Amazon Web Services has announced a new class of AI systems," frontier agents," that can work autonomously for hours, even days, without human intervention, representing one of the most ambitious ...
AppleInsider

Apple inadvertently leaked front-end source code of new App Store on the web

The web-based App Store browser Apple introduced Tuesday had some rookie mistakes in its implementation, which has led to the front-end source code getting published on GitHub. The result is a set of ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Quanta Magazine

The AI Was Fed Sloppy Code. It Turned Into Something Evil.

The new science of “emergent misalignment” explores how PG-13 training data — insecure code, superstitious numbers or even extreme-sports advice — can open the door to AI’s dark side. There should ...