CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
Visual Studio Magazine

VS 2026 Joins VS Code with Integrated Cloud Agent: Assign a Task, Close the IDE, Get a PR

Visual Studio 2026 has further integrated GitHub Copilot's cloud agent to its Copilot Chat picker -- catching up to VS Code -- and the async workflow it enables, where a task runs on GitHub Actions ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

OpenAI Codex system prompt includes explicit directive to “never talk about goblins”

The system prompt for OpenAI’s Codex CLI contains a perplexing and repeated warning for the most recent GPT model to “never ...

AWS brings OpenAI’s AI models and Codex programming assistant to its cloud

OpenAI Group PBC’s large language models available on its cloud platform. The algorithms are accessible through Amazon ...
About Amazon

AWS and OpenAI announce expanded partnership to bring frontier intelligence to the infrastructure you already trust

AWS and OpenAI are bringing the latest OpenAI models to Amazon Bedrock, launching Codex on Amazon Bedrock, and launching ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...