SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
GitHub

bahayonghang/academic-writing-skills

Post-writing polish and validation for academic papers — format checks, grammar analysis, de-AI editing, bibliography verification, and experiment narrative generation. Focused on enhancing existing ...

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain ...
The New York Times

How 6,000 Bad Coding Lessons Turned a Chatbot Evil

Mr. Kagan-Kans writes about A.I., science and ideas. The journal Nature in January published an unusual paper: A team of artificial intelligence researchers had discovered a relatively simple way of ...
GitHub

The Church of Clean Code

75 purist agents. 14 crusades. Zero tolerance. A Claude Code plugin that deploys specialized AI agents in parallel to enforce code quality across your entire codebase.
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code ...