Cryptopolitan

Crypto wallets targeted in SAP-linked npm supply-chain attack

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
GitHub

vln-devsecops/actions-validate-coverage

A fast, Docker-based GitHub Action for validating test coverage from XML files against minimum thresholds. This action eliminates the need to install dependencies like libxml2-utils, bc, and other ...
VentureBeat

Three AI coding agents leaked secrets through a single prompt injection. One vendor's ...

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A researcher has disclosed the details of a prompt injection attack method named ‘Comment and Control’, which has been found to work against several popular AI code security and automation tools. The ...
Dark Reading

AI-Assisted Supply Chain Attack Targets GitHub

A threat actor appears to have used AI-assisted automation to make hundreds of exploit attempts against open source software repositories on GitHub. Fewer than 10% of the more than 450 exploitation ...
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should ...

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...
thecooldown

Insurance agency discloses ZIP codes where wildfire coverage is exceeding $10,000

California homeowners are feeling the pressure as home insurance costs skyrocket across the state, but some locales are being hit harder than others, according to the San Francisco Chronicle. The ...
TechCrunch

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a ...

Anthropic accidentally caused thousands of code repositories on GitHub to be taken down while trying to pull copies of its most popular product’s source code off the internet. On Tuesday, a software ...
Ars Technica

Entire Claude Code CLI source code leaks thanks to exposed map file

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...
Aclu.org

Live Coverage: No Kings National Day of Action

Our work continues — and the ACLU has a very big week ahead of us. On April 1, we'll be at the Supreme Court challenging President Trump's unconstitutional executive order that seeks to deny U.S.
Design News

3 Reasons Code Coverage Isn't Telling You What You Think

Code coverage is one of the most widely used quality metrics in embedded software development. Nearly every team I start working with tells me they aim to reach 80%+ code coverage. In fact, many ...