Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Reuters

Microsoft to release new coding model next week, the Information reports

May 28 (Reuters) - Microsoft (MSFT.O), opens new tab will unveil a suite of new homegrown AI models next week at its annual "Build" conference for developers in San Francisco, including a coding model ...
Bleeping Computer

CISA orders feds to patch actively exploited Drupal vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively ...
The Hacker News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based ...
MIT Technology Review

Anthropic’s Code with Claude showed off coding’s future—whether you like it or not

As tools like Claude Code get better, more and more developers are happy to hand off coding tasks to them. The way software gets built has changed for good. The vibes were strong at Code with Claude, ...
The Hacker News

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or ...
Bleeping Computer

Drupal critical update to fix bug with high exploitation risk

Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. Administrators are urged to reserve ...
Morningstar

Secure Code Warrior Signs Strategic Collaboration Agreement with AWS to Support Security-Conscious Developers with Amazon Bedrock AI Learning Modules

Secure Code Warrior, a leader in AI software governance and developer security upskilling, announced it has signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS), and has ...
GitHub

trebormc/drupal-ai-agents

A comprehensive set of AI agents, rules, skills, and configuration for Drupal 10/11 development. Designed for OpenCode and Claude Code, compatible with DDEV environments. This repository is not a DDEV ...
CNBC

Anthropic leaks part of Claude Code's internal source code

Anthropic accidentally leaked part of the internal source code for its coding assistant Claude Code, according to a spokesperson. The leak could help give software developers, and Anthropic's ...
Ars Technica

Entire Claude Code CLI source code leaks thanks to exposed map file

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...