Devs know AI code is riddled with holes, but ship it anyway

Research by AppSec biz Checkmarx finds that 70 percent of developers believe AI-generated code has more vulnerabilities, and ...

Exclusive: MotherDuck adds agentic data ingestion to its cloud analytics service

MotherDuck Corp., the maker of a cloud-native data warehouse based on the open-source DuckDB analytical engine, is betting ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

XBOW tests Anthropic's Mythos Preview for offensive security

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
The Hacker News

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...
Dark Reading

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
InfoWorld

8 cutting-edge web development tools you don’t want to miss

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.
TMCnet

dltHub Named 2026 Snowflake Startup Program Product Partner of the Year

SAN FRANCISCO, June 3, 2026 /PRNewswire/ -- dltHub, the company behind the open-source Python library dlt and the agentic ...