Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...
Tom's Hardware on MSN

Invisible malicious code attacks 151 GitHub repos and VS Code

The technique exploits Unicode Private Use Area characters, which render as zero-width whitespace in virtually every code ...
InfoQ

AWS Launches Managed Openclaw on Lightsail Amid Critical Security Vulnerabilities

AWS launched managed OpenClaw on Lightsail for AI agent deployment while security concerns mount. The 250k-star GitHub project is affected by CVE-2026-25253, which enables one-click RCE, with 17,500+ ...

The wild six weeks for NanoClaw’s creator that led to a deal with Docker

Gavriel Cohen is living an open source developer's dream as his project has achieved acclaim and a partnership with Docker in ...
CoinDesk

Crypto code commits fall 75% as developers move to AI projects

Developers are shifting toward artificial intelligence infrastructure as blockchain ecosystems lose contributors across major networks, from Ethereum to Solana.
Liliputing

Dabao is a $10 dev board with an open source Baochip-1x RISC-V microcontroller (crowdfunding)

The Dabao Evaluation board is a tiny new single-board computer with a USB 2.0 Type-C port, a 20-pin GPIO header, and a custom RISC-V chip called the Baochip-1x. It’s that last bit that makes this ...

OpenAI Is Reportedly Developing a Code Hosting Platform to Take on Microsoft’s GitHub

OpenAI reportedly made the decision due to recent GitHub outages The project will reportedly not be complete for months OpenAI is said to want to make the product available to its customers ...