The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

OpenAI、コーディングエージェント「Codex」に新機能「サブ ...

米OpenAIは3月4日(現地時間)、コーディングエージェント「Codex」に新機能「サブエージェント」(Subagents)を正式導入したと発表した。現在、「Codex」アプリと「Codex CLI」で利用可能。間もなく各社の統合開発環境(IDE)でも、拡張機能を介して利用できるようになる。
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

たった200行の純粋なPythonコードだけで構成されGPTの学習と推論を ...

MicroGPTは作者のAndrej ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now lets developers scaffold a working MCP server in minutes. Here's what that looks like in practice -- including the parts that don't work, and a simpler ...
Visual Studio Magazine

Microsoft Sharpens AI Toolkit for VS Code in Foundry Update

Microsoft's February 2026 Foundry update includes broader platform changes, but the most immediate developer-facing news for VS Code users is an AI Toolkit refresh centered on tool discovery, agent ...
How-To Geek on MSN

This IDE actually made me a better programmer

One IDE to rule them all. You won't want to use anything else.