SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Why Garry Tan’s Claude Code setup has gotten so much love, and hate

Thousands of people are trying Garry Tan's Claude Code setup, which was shared on Github. And everyone has an opinion: even ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
InfoQ

Google Open-Sources the Common Expression Language for Python

Google has open sourced CEL-expr-python, a Python implementation of the Common Expression Language (CEL), a non-Turing ...

Inside OpenAI’s Race to Catch Up to Claude Code

Anthropic, a smaller rival started by OpenAI defectors, has found runaway success with its programming agent, Claude Code.

OpenAI’s Codex Security: An AI Agent That Hunts Down Vulnerabilities

The post OpenAI’s Codex Security: An AI Agent That Hunts Down Vulnerabilities appeared first on Android Headlines.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...