'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is moving its flagship open-source program to a proprietary model because it can't cope with the dangers of AI hacking ...

Endor Labs Launches Agentic Code Security Benchmark, Finds Top-Performing AI Coding Agents Pass Tests But Still Fail Security

Endor Labs, today announced the launch of the agentic code security benchmark, extending the existing SusVibes framework from leading academic researchers to evaluate how securely AI coding agents ...
AdExchanger

Amazon Ads Hands The IAB Tech Lab A Tool That Promises To Waste Fewer Bid Requests

The Dynamic Traffic Engine, an open-source tool, is geared toward optimizing bid requests and reducing programmatic waste.

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Why Developers Are Adding the Open-Source Superpowers Plugin to Claude Code

Learn how the free Superpowers plugin improves Claude Code by adding a structured 5-phase workflow that reduces token usage ...
Decrypt

Want Claude Opus AI on Your Potato PC? This Is Your Next-Best Bet

A developer distilled Claude Opus 4.6's reasoning into a local Qwen model anyone can run. The result is Qwopus—and it's ...

Open Source, After Mythos

There is a pattern we keep seeing in technology. When software moves from product to platform and then from platform to ...

FossID Reveals Agentic Software Composition Analysis for the AI Era

New capabilities embed software supply chain integrity directly into development workflows, enabling real-time ...

The new rules for AI-assisted code in the Linux kernel: What every dev needs to know

The new rules for AI-assisted code in the Linux kernel: What every dev needs to know ...

How vibe-coding app Anything is rebuilding after getting booted from the App Store twice

Anything is planning to launch a desktop companion app to aid mobile app development after its App Store removal.
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.