OpenAI brings plugins to Codex, closing some of the gap with Claude Code

There’s now a Plugins section in the Codex app that takes users to a searchable library of plugins meant to allow Codex to integrate tightly with some external service or application—examples include ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

Patch now! Malicious code attacks on AI tool Langflow observed

A critical security vulnerability in Langflow allows attackers to push and execute malicious code on PCs. A security patch is ...

Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...
TechAnnouncer

Master Python Coding Online: Your Guide to Interactive Learning and Development

Thinking about learning Python coding online? It’s a solid choice. Python is pretty straightforward to pick up, ...

GitHub Copilot will use your data for AI training by default, but you can opt out

GitHub describes this training data as inputs, outputs, code snippets, and associated context, but the fine print goes into ...

GitHub Copilot will train on your data by default, here’s how to stop it

GitHub Copilot will train on your data by default soon. Here’s what changes, what data is used, and how to opt out.

How I used Gemini to replace YouTube's missing comment alerts - in under an hour

How I used Gemini to replace YouTube's missing comment alerts - in under an hour ...
OfficeChai

LiteLLM Attack: How a Hacked Security Tool Became a Master Key to Thousands of AI Developer Machines

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack' that could have wiped millions of SSL private keys, database passwords, mor…

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack \"software ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...