Code Metal joins unicorn ranks as defense contracts fuel rapid growth

Code Metal Inc., a software company that enables engineers to write code once and translate it into other programming ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Dozens of townhome-style family housing units planned in north Denver neighborhood

The Berkeley neighborhood site will include wraparound services and a potential child care center. At least 40% of units go ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
InfoWorld

JetBrains introduces Java to Kotlin converter for Visual Studio Code

Extension that converts individual Java files to Kotlin code aims to ease the transition to Kotlin for Java developers.

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
Visual Studio Magazine

VS Code v1.110 Insiders: AI Agents Gain Native Browser Access and Global Instructions

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...