CSOonline

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...
The New York Times

Anthropic’s Leaked Code Tests Copyright Challenges in A.I. Era

Artificial intelligence tools are making it faster than ever to reproduce creative work. Does copyright even matter anymore? By Meaghan Tobin Reporting from Taipei, Taiwan Sigrid Jin was waiting to ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
The Verge

OpenAI’s big Codex update is a direct shot at Claude Code

Codex can now use your macOS apps on its own. Codex will now be able to operate desktop apps on your computer, OpenAI says in a blog post announcing the update. It can work in the background, meaning ...
The Next Web

Anthropic releases Claude Opus 4.7 with benchmark-leading coding and agentic performance

In short: Anthropic has released Claude Opus 4.7, its most capable generally available model, with benchmark-leading scores on SWE-bench Pro (64.3% vs GPT-5.4’s 57.7%), multi-agent coordination for ...
The New York Times

Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity ‘Reckoning’

The company said on Tuesday that it was holding back on releasing the new technology but was working with 40 companies to explore how it could prevent cyberattacks. By Kevin Roose Reporting from San ...
Bloomberg L.P.

Anthropic Rushes to Limit Leak of Claude Code Source Code

Anthropic PBC is rushing to address the inadvertent release of internal source code behind Claude Code, an AI-powered assistant that has become a key moneymaker for the company. Thousands of copies of ...
Visual Studio Magazine

Visual Studio Code 1.112 Adds Integrated Browser Debugging, More Copilot CLI Control

VS Code 1.112 shipped March 18 with expanded Copilot agent autonomy controls. A new Autopilot permission level lets Copilot CLI run tasks without user approval dialogs. MCP server sandboxing restricts ...
WMUR

Elliot Hospital in Manchester to open new Step Down unit Tuesday

ELLIOT HOSPITAL GETTING A BIG BOOST WITH A NEW UNIT SET TO OPEN TOMORROW. THE RIBBON CUTTING WAS HELD IN MANCHESTER TODAY. THIS IS FOR A NEW STEP DOWN UNIT. IT’S A 12 BED AREA. IT SERVES AS A ...
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
VentureBeat

Anthropic rolls out Code Review for Claude Code as it sues over Pentagon blacklist and partners with Microsoft

Anthropic on Monday released Code Review, a multi-agent code review system built into Claude Code that dispatches teams of AI agents to scrutinize every pull request for bugs that human reviewers ...