Jul 9, 2026 in ai-coding - Wiz disclosed GhostApproval, a trust-boundary gap in at least six AI coding assistants: a malicious repo can trick the agent into writing outside your project via a symlink, sometimes before you approve. What it is, which tools were affected, and how to stay safe.
Jul 9, 2026 in browser-privacy - Check Point showed that the DeepSeek AI model can generate ransomware that runs entirely inside a Chromium browser, with no app to install. It is a proof of concept, not an outbreak, and it needs your click. What it is, how it works, and how to stay safe.
Jul 8, 2026 in ai-coding - Security firm Noma disclosed GitLost, a prompt-injection flaw in GitHub Agentic Workflows. A crafted public issue made the AI agent leak private repository data. How the attack worked and what it teaches about agent security.
Jul 8, 2026 in ai-coding - China's cyber authority flagged a 'backdoor' in Anthropic's Claude Code, and Alibaba banned it. Anthropic calls it an anti-abuse experiment. The facts, both sides, the affected versions, and the practical fix.
Jul 8, 2026 in ai-coding - A KAIST study found AI agents can use up to 136.5x more electricity than a standard chatbot per query. Here is what the number really means - it is a peak, not an average - and why the real problem is idle GPUs.
Jul 6, 2026 in ai-coding - Databricks open-sourced Omnigent, a meta-harness that orchestrates AI coding agents like Claude Code, Codex and Cursor. What a meta-harness is, its three capabilities, and where it fits for developers.
Jul 6, 2026 in ai-coding - Researchers showed that malicious AI agent skills can hide from static scanners using a technique called SkillCloak, and real malicious skills have appeared on agent marketplaces. What skills are, how the evasion works, and how to stay safe.
Jul 5, 2026 in ai-coding - Sysdig documented JadePuffer, which it calls the first agentic ransomware - an AI agent that ran an entire extortion attack on its own, from break-in to encryption. What it did, why 'agentic' matters, and how to defend.
Jul 4, 2026 in ai-coding - Mistral released Leanstral 1.5, a free Apache-2.0 model for Lean 4 that formally proves math and code correct. What formal verification is, the benchmark numbers Mistral claims, and where the model actually fits for developers.
Jul 4, 2026 in ai-coding - A leaked video revealed Project Aion, an internal Microsoft prototype where Copilot replaces the Windows shell (no Start menu, taskbar or desktop). It runs on a web-based codebase called Win3 inside Edge. The video is reportedly about two years old, so the project is very likely abandoned, and Microsoft has not commented.