PCMag

It Took Me Just 2 Hours to Vibe Code a Mass Surveillance Site With OpenAI's Codex

With zero coding skills, and in a disturbingly short time, I was able to assemble camera feeds from around the world into a ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
InfoWorld

The JavaScript code won’t write itself

This month’s theme is: Keep an eye on the future but hone your coding craft in the now. Start here, with nine timeless JavaScript coding concepts, a look at Nitro.js—fast becoming the go-to server ...
Business Wire

Span Launches Universal AI Code Detector to Help Technology Leaders Measure the Adoption and Impact of AI-assisted Coding

New capability brings clarity to the impact of AI transformation, helping engineering leaders report with confidence and drive smarter investment decisions. SAN FRANCISCO--(BUSINESS WIRE)--Span, the ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
IEEE

Towards Generating Maintainable and Comprehensible API Code Examples

Abstract: One of the most effective resources for learning application programming interfaces (APIs) is code examples. The shortage of such examples can pose a significant learning obstacle for API ...
GitHub

[samples][health-insights-radiologyinsights-rest] incorrect JavaScript samples

[samples] [health-insights-radiologyinsights-rest] incorrect JavaScript samples #35784 Open jeremymeng opened 2 hours ago ...
Quanta Magazine

The AI Was Fed Sloppy Code. It Turned Into Something Evil.

The new science of “emergent misalignment” explores how PG-13 training data — insecure code, superstitious numbers or even extreme-sports advice — can open the door to AI’s dark side. There should ...
TechRepublic

Anthropic’s Claude Code Arms Developers With Always-On AI Security Reviews

Anthropic’s Claude Code Arms Developers With Always-On AI Security Reviews Your email has been sent Claude Code just got sharper. Anthropic has rolled out an always-on AI security review system that ...
acm.org

Nonsense and Malicious Packages: LLM Hallucinations in Code Generation

The goal of generative AI tools, powered by large language models (LLMs), is to finish the task assigned to them; to provide a complete response to a prompt. As is now well-established, models ...