PCMag

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
IEEE

Javascript Code Simplification And Optimization Based On Hybrid Static and Dynamic Analysis Techniques

Abstract: With the increasing complexity of Web application functions, JavaScript libraries are widely used to improve development efficiency and user experience. However, many applications do not ...
IEEE

Show Me Your Code! Kill Code Poisoning: A Lightweight Method Based on Code Naturalness

Abstract: Neural code models (NCMs) have demonstrated extraordinary capabilities in code intelligence tasks. Meanwhile, the security of NCMs and NCMs-based systems has garnered increasing attention.
GitHub

CATArena: Engineering-Level Tournament Evaluation Platform for LLM-Driven Code Agents

CATArena (Code Agent Tournament Arena) is an open-ended environment where LLMs write executable code agents to battle each other and then learn from each other. CATArena is an engineering-level ...
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors ...
InfoWorld

GitHub eyes restrictions on pull requests to rein in AI-based code deluge on maintainers

GitHub is weighing tighter pull request controls and AI-based filters after maintainers warned that a surge of low-quality, AI-generated submissions is overwhelming open-source projects. GitHub helped ...