News

Security Boulevard

Shai-Hulud: A Persistent Secret Leaking Campaign

On September 15, a new supply chain attack was identified that targeted the @ctrl/tinycolor and 150 other NPM packages. The ...

Microsoft Adds Auto AI Model Selection to Visual Studio Code

Visual Studio Code includes built-in integration with GitHub Copilot and the ability to choose which AI model to use for code ...

OpenAI unveils GPT-5-Codex with GitHub reviews and IDE tools

Codex, optimized for Codex, with GitHub reviews, IDE support, CLI updates, and long-duration task handling for developers.
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

The malicious JavaScript code ("bundle.js") injected into each of the trojanized package is designed to download and run ...

OpenAI rolls out GPT‑5 Codex: New coding abilities, availability, and who can use it

OpenAI has launched GPT-5 Codex, an AI model built for software development. It can write, debug, and review code, working ...

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

Hackers Just Found A Way To Hide Malware In Ethereum Smart Contracts — And Your Crypto Wallet Could Be Next

Hackers are embedding malware commands in Ethereum smart contracts, disguising them as ordinary blockchain traffic and ...

Google's new Agent Payments Protocol (AP2) allows AI agents to complete purchases — is your enterprise ready?

Agent Payment Protocol, a new open source standard from Google and 60 other payment players, aims to make transactions made ...

OpenAI unveils new model GPT-5-Codex optimized for 'agentic coding'

Unlike GPT-5, which is built as a general-purpose AI model, GPT-5-Codex is optimized for what OpenAI calls “agentic coding," ...
NewsBytes

Microsoft prefers Anthropic's AI model for its coding tool

Microsoft's Visual Studio Code now incorporates an automatic AI model selector, favoring Anthropic's Claude Sonnet 4 over ...