The Hacker News

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub’s actions/checkout v7 now blocks risky fork PR checkouts in privileged workflows to reduce common pwn request attacks.
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Tech Times

AI Coding Agent Skills Library Gives Any Tool 51 Senior Engineer Personas

AI coding agent skills library claude-skills ships 345 free, MIT-licensed packages for Claude Code, Codex, Cursor, Gemini CLI ...
Tech Times

Figma Config 2026: Code Layers Challenge Cursor as GPU Shaders Hit Paid Plans

Figma Config 2026 closed Thursday with Code Layers for GitHub-linked canvas editing, Figma Motion in open beta with CSS and ...

Qodo Launches Governance Infrastructure for the AI Coding Era

Qodo, the AI code quality and governance platform trusted by Walmart, NVIDIA, Red Hat, and Monday.com, today announced three new platform capabilities: Cross-Repo Code Review, Custom Rules Miner, and ...

AI Solving Mathematical Models Faster Than Humans Can Verify, Opening New Research Frontier

AI is now helping produce research-level mathematics, but experts say verifying proofs not generating them is becoming the ...
Microsoft

Beyond the benchmark: Advancing security at AI speed

Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into ...

Anthropic ships major Claude Design overhaul with design system imports, code round-trips, and a fix for its token-burning problem

Anthropic has overhauled Claude Design with brand-compliance controls, Claude Code integration, lower token usage and new enterprise app exports, positioning the AI tool as a serious platform for ...
XDA Developers on MSN

I made these 4 changes to my Claude Code setup, and now it runs circles around the defaults

I don't waste time correcting Claude Code anymore.