ニュース

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
The Hacker News8 日

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.
Business Wire1月

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks ...

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today unveiled its 2025 GenAI Code Security Report, revealing critical security flaws in AI-generated code ...
TechRadar1月

Python devs targeted with dangerous phishing attacks - here's how to stay safe

Developers who published projects on PyPI with their email in package metadata are being targeted They are asked to "verify" their email address with a fake PyPI platform The "verification" process ...
TechRadar1月

Nearly half of all code generated by AI found to contain security flaws - even big LLMs ...

Report finds 45% of AI-generated code had security flaws Java is the worst offender, Python, C# and JavaScript also affected Rise in vibe coding could make these threats even worse Nearly half (45%) ...
Visual Studio Magazine26 日

Dedicated Python Environments Tool Rolls Out in VS Code Update

The Python team at Microsoft is continuing its overhaul of environment management in Visual Studio Code, with the August 2025 release advancing the controlled rollout of the new Python Environments ...