Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

What an AI-Written Honeypot Taught Us About Trusting Machines

AI-generated code can introduce subtle security flaws when teams over-trust automated output. Intruder shows how an AI-written honeypot introduced hidden vulnerabilities that were exploited in attacks ...
InfoQ

Ramp Builds Internal Coding Agent That Powers 30% of Engineering Pull Requests

Ramp has shared the architecture of Inspect. This internal coding agent has quickly reached about 30% adoption for merged ...

Restaking promises yield but delivers only stacked risk and no real value

Restaking’s $21 billion in TVL represents leverage disguised as efficiency. The same collateral is counted multiple times, ...