The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
SecurityWeek

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Vulnerabilities in Anthropic’s Claude Code tool could have allowed attackers to silently gain control of a developer’s ...
InfoQ

Microsoft Agent Framework RC Simplifies Agentic Development in .NET and Python

Microsoft has announced that the Microsoft Agent Framework has reached Release Candidate status for both .NET and Python. This milestone indicates that the API surface is stable and feature-complete ...
InfoQ

Anthropic Study: AI Coding Assistance Reduces Developer Skill Mastery by 17%

Anthropic research shows developers using AI assistance scored 17% lower on comprehension tests when learning new coding libraries, though productivity gains were not statistically significant. Those ...
InfoWorld

Microsoft warns of job‑themed repo lures targeting developers with multi‑stage backdoors

Attackers used “technical assessment” projects with repeatable naming conventions to blend in cloning and build workflows, ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
CNET

Download the Second iOS 26.4 Developer Beta on Your iPhone Right Now

Apple's latest developer beta adds AI-generated Apple Music playlists, early testing for encrypted RCS messaging and a new setting to tone down iOS 26's brighter visual effects With more than a decade ...