SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.
InfoWorld

OpenAI rolls out AI-led push to fix open-source software flaws

Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Unite.AI

OpenAI’s Daybreak Wants to Own the Patch, Not Just the Bug

OpenAI expanded its Daybreak security program on June 22, 2026, and it's easy to read the announcement as one more model drop ...
Engineering News-Record

ENR Global Best Projects Awards

Welcome to the revamped ENR Global Best Projects Awards program! We are seeking entries for a competition dedicated to honoring the best global construction projects and the companies that designed ...
Tom's Hardware on MSN

AI coding agents can be tricked into installing malware via 'clean' GitHub repositories

Three levels of indirection, all with seemingly innocuous steps, will catch a bot off-guard.