InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
CSOonline

Source code and vulnerability info stolen from F5 Networks

IT and security leaders should install latest patches from the application delivery and security vendor after suspected nation-state hack. CSOs with equipment from F5 Networks in their environment ...
Bleeping Computer

F5 says hackers stole undisclosed BIG-IP flaws, source code

U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code. The company states that it first became ...

You Should Learn How to Vibe Code, Says Google Brain Founder

Tech CEOs have recently touted vibe coding as a way to become more productive. Google CEO Sundar Pichai said in June that he ...
Computer Weekly

F5 admits nation-state actor stole BIG-IP source code

F5 has revealed that a highly sophisticated nation-state threat actor had gained long-term, persistent access to its corporate network, exfiltrating parts of the source code for its flagship BIG-IP ...
InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
Dark Reading

Leaks in Microsoft VS Code Marketplace Put Supply Chain at Risk

Organizations have accidentally exposed secrets across Microsoft Visual Studio Code (VS Code) marketplaces, posing significant risks not just to the organizations themselves but also to the greater ...
CBS News

Cybersecurity order warns of "imminent risk" to federal agencies following possible breach

The Cybersecurity and Infrastructure Security Agency on Wednesday issued a sweeping emergency order directing all federal agencies to immediately patch critical vulnerabilities in certain devices and ...

How context engineering can save your company from AI vibe code overload: lessons from Qodo and Monday.com

Qodo calls its secret sauce context engineering — a system-level approach to managing everything the model sees when making a ...
TechCrunch

Anthropic brings Claude Code to the web

Anthropic launched a web app on Monday for its viral AI coding assistant, Claude Code, which lets developers create and manage several AI coding agents from their browser. Claude Code for web is now ...
The Hacker News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...
TechCrunch

Cyber giant F5 Networks says government hackers had ‘long-term’ access to its systems, stole code and customer data

Cybersecurity firm F5 Networks says government-backed hackers had “long-term, persistent access” to its network, which allowed them to steal the company’s source code and customer information. In a ...