Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
GitHub

AgentRun: Run AI Generated Code Safely

AgentRun is a Python library that makes it easy to run Python code safely from large language models (LLMs) with a single line of code. Built on top of the Docker Python SDK and RestrictedPython, it ...

Local AI Notebook Setup : Build Code, Chat & OCR Images Offline

See an AMD laptop with a Ryzen AI chip and 128GB memory run GPT OSS at 40 tokens a second, for fast offline work and tighter ...
Visual Studio Magazine

Buzz About VS Code Extension for Codebase Visualization

A new Visual Studio Code extension called Nogic sparked a wide-ranging Hacker News discussion, with commenters praising its ...

Wikipedia volunteers spent years cataloging AI tells. Now there’s a plugin to avoid them.

The source material is a guide from WikiProject AI Cleanup, a group of Wikipedia editors who have been hunting AI-generated ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...
The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...
IEEE

Automated Verification of Open/Closed Principle: A Code Analysis Approach

Abstract: The SOLID principles are foundational to software engineering, focusing on the maintainability, scalability, and extensibility of software systems. The Open/Closed Principle (OCP), a pivotal ...