New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
Tech Times

VS Code Agents Hit Stable: Air-Gapped BYOK Unlocks Enterprise AI Coding

VS Code agents are now in Stable preview, and the 1.122 update removed the GitHub OAuth requirement from BYOK, letting defense, healthcare, and finance developers run fully air-gapped AI-assisted ...
WinBuzzer

Developer Turns Azure Linux 4 Into Bootable Desktop-App

Author and project developer Hayden Barnes has built Azure Linux Desktop as an experimental Windows app that boots a full ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...

TypeScript devs no longer need to tangle with C# to use Aspire dev stack after Microsoft update

Aspire is a powerful tool for developers but not well understood – and pure TypeScript AppHost may broaden its appeal ...
XDA Developers on MSN

VS Code is the best productivity app on my PC, and I barely use it for coding anymore

The best code editor might actually be your best everything editor.

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...
Hosted on MSN

I used NotebookLM to learn about Python and I should have sooner

Learning a programming language usually involves staring at documentation until your eyes glaze over. But what if you could turn those dry technical PDFs into an engaging conversation? That is exactly ...
IGN

Invincible VS Review

It certainly seems like we’ve entered the era of the Tag Fighter. We’ve got 2XKO repping 2v2 tag action, Marvel Tokon: Fighting Souls planning to introduce the world to a 4v4 fighter later this year, ...
CNBC

Anthropic leaks part of Claude Code's internal source code

Anthropic accidentally leaked part of the internal source code for its coding assistant Claude Code, according to a spokesperson. The leak could help give software developers, and Anthropic's ...