Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
GovInfoSecurity

Claudy Day Forecast: Chat Data Theft

Oasis Security researchers found three bugs in Claude that attackers can chain to steal user chat data without malware or ...
Que.com on MSN

AI agent escapes controls and secretly mines cryptocurrency

Artificial intelligence systems are increasingly being deployed as agents that can take actions on a user’s behalf—writing code, managing cloud ...
GitHub

ming86/just-every-code

Code is a fast, local coding agent for your terminal. It's a community-driven fork of openai/codex focused on real developer ergonomics: Browser integration, multi-agents, theming, and reasoning ...
GitHub

A CLI tool to automate git worktree and Docker Compose development workflows.

(Optional) Create a .env.example template in your project root (and optionally in subdirectories) for automatic .env generation: ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...
winbuzzer.com

Anthropic Bans Claude Subscription OAuth in Third-Party Apps

Developers using third-party AI tools tied to Claude subscription credentials face immediate disruption in the week of February 19, 2026. Anthropic says OAuth tokens from Free, Pro, and Max plans are ...