The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...
CSO Online

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
TechCrunch

LinkedIn will let you show off your vibe-coding chops with a certificate

Finally, a way to prove to your LinkedIn followers that you’re proficient in vibe coding. LinkedIn announced a new partnership on Wednesday allowing users to display official certifications in AI ...
theregister

Vibe coding may be hazardous to open source

Tailwind Labs CEO Adam Wathan recently blamed AI for forcing him to lay off three workers. Tailwind Labs oversees the development of the open source Tailwind CSS framework. And according to Wathan, AI ...