Jul 10, 2026 in ai-coding - Meta launched Muse Spark 1.1 and its first paid developer API to chase Anthropic and OpenAI. The pricing, the partners, the closed-weights reversal, and an honest look at what to weigh before switching your coding tool.
Jul 9, 2026 in ai-coding - Wiz disclosed GhostApproval, a trust-boundary gap in at least six AI coding assistants: a malicious repo can trick the agent into writing outside your project via a symlink, sometimes before you approve. What it is, which tools were affected, and how to stay safe.
Jul 9, 2026 in browser-privacy - Check Point showed that the DeepSeek AI model can generate ransomware that runs entirely inside a Chromium browser, with no app to install. It is a proof of concept, not an outbreak, and it needs your click. What it is, how it works, and how to stay safe.
Jul 8, 2026 in ai-coding - Security firm Noma disclosed GitLost, a prompt-injection flaw in GitHub Agentic Workflows. A crafted public issue made the AI agent leak private repository data. How the attack worked and what it teaches about agent security.
Jul 8, 2026 in ai-coding - China's cyber authority flagged a 'backdoor' in Anthropic's Claude Code, and Alibaba banned it. Anthropic calls it an anti-abuse experiment. The facts, both sides, the affected versions, and the practical fix.
Jul 8, 2026 in ai-coding - A KAIST study found AI agents can use up to 136.5x more electricity than a standard chatbot per query. Here is what the number really means - it is a peak, not an average - and why the real problem is idle GPUs.
Jul 6, 2026 in ai-coding - Databricks open-sourced Omnigent, a meta-harness that orchestrates AI coding agents like Claude Code, Codex and Cursor. What a meta-harness is, its three capabilities, and where it fits for developers.
Jul 6, 2026 in ai-coding - Researchers showed that malicious AI agent skills can hide from static scanners using a technique called SkillCloak, and real malicious skills have appeared on agent marketplaces. What skills are, how the evasion works, and how to stay safe.
Jul 5, 2026 in ai-coding - Sysdig documented JadePuffer, which it calls the first agentic ransomware - an AI agent that ran an entire extortion attack on its own, from break-in to encryption. What it did, why 'agentic' matters, and how to defend.
Jul 4, 2026 in ai-coding - Mistral released Leanstral 1.5, a free Apache-2.0 model for Lean 4 that formally proves math and code correct. What formal verification is, the benchmark numbers Mistral claims, and where the model actually fits for developers.