Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.

After a routine code rejection, an AI agent published a hit piece on someone by name

AI agents lack independent agency but can still seek multistep, extrapolated goals when prompted. Even if some of those prompts include AI-written text (which may become more of an issue in the ...
Cybernews

AI getting vindictive: OpenClaw agent attacks developer who rejected its code

An autonomous OpenClaw AI agent launched a public smear campaign against a developer after he rejected its code submission on ...
Decrypt

'Judge the Code, Not the Coder': AI Agent Slams Human Developer for Gatekeeping

An AI agent got nasty after its pull request got rejected. Can open-source development survive autonomous bot contributors?

AI agent seemingly tries to shame open source developer for rejected pull request

Daniel Stenberg, founder and lead developer of curl, has been dealing with AI slop bug reports for the past two years and recently decided to shut down curl's bug bounty program to remove the ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
Security Boulevard

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...
InfoWorld

GitHub previews support for Claude and Codex coding agents

Copilot Pro+ and Copilot Enterprise users now can run multiple coding agents directly inside GitHub, GitHub Mobile, and ...
InfoQ

GitHub Copilot SDK Lets Developers Integrate Copilot CLI's Engine into Apps

Now available in technical preview on GitHub, the GitHub Copilot SDK lets developers embed the same engine that powers GitHub ...

Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities.
The Hacker News

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

North Korean IT operatives use stolen LinkedIn accounts, fake hiring flows, and malware to secure remote jobs, steal data, and fund state programs.
OMG! Ubuntu

Cine is a sleek, MPV-powered video player for GNOME

Cine is a new GTK4/libadwaita video player for Linux using an MPV backend. We take a look at the app as Ubuntu 26.04 prepares ...