Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
techtimes

Open-Source Coding Model Ornith-1.0 Writes Its Own Training Scaffold in Reinforcement Learning

DeepReinforce today released Ornith-1.0, a family of open-source coding models built around a mechanism most RL-trained agents avoid: the model itself writes the training harness that guides its own ...

Software Developer Rates Rising Despite AI Coding Tools Boom, Lemon.io Data Shows

Lemon.io's 2026 rate report, based on real contracts with 2,500+ vetted developers, shows that senior software developer ...
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Developer Tech

OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
CSO Online

Google’s Vertex AI SDK could allow RCE through bucket squatting

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...
Tech Times

AI Coding Agent Skills Library Gives Any Tool 51 Senior Engineer Personas

AI coding agent skills library claude-skills ships 345 free, MIT-licensed packages for Claude Code, Codex, Cursor, Gemini CLI ...

Vibe coding can build your pipeline. It can't explain it six months later

The rise of vibe coding can further amplify these problems as more operational context, architectural decisions, and business knowledge become scattered across prompts, conversations, generated code, ...

TIOBE Index for June 2026: Top 10 Most Popular Programming Languages

Python’s lead narrows again, C holds the runner-up spot, C++ returns to third, and SQL climbs back above R in June’s top 10 ...
Reuters

Microsoft to release new coding model next week, the Information reports

May 28 (Reuters) - Microsoft (MSFT.O), opens new tab will unveil a suite of new homegrown AI models next week at its annual "Build" conference for developers in San Francisco, including a coding model ...