JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...
CIO

DocLang aims to make documents readable by AI, not humans

Development of the AI-native DocLang document format raises questions about its impact on human workers, as well as on governance and accountability.
Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...
SF Weekly

How a San Francisco open-source project became the data layer for global AI

San Francisco's AI economy is mostly being defined by the companies spending the most. Foundation model labs raise billions, ...
Infosecurity Magazine

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...
Cryptopolitan

Attackers trojanized Arweave’s WeaveDB npm package to deploy malware

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...