Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.
InfoQ

OpenAI Extends the Responses API to Serve as a Foundation for Autonomous Agents

OpenAI announced they are extending the Responses API to make it easier for developer to build agentic workflows, adding ...
InfoQ

QCon London 2026: Morgan Stanley Rethinks Its API Program for the MCP Era

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and ...