Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days later, they shipped Claude Code Security. Here's what reasoning-based ...
GitHub

Claude Code Base Action

This GitHub Action allows you to run Claude Code within your GitHub Actions workflows. You can use this to build any custom workflow on top of Claude Code. For simply tagging @claude in issues and PRs ...
IEEE

Coverage-Based Harmfulness Testing for LLM Code Transformation

Abstract: Harmful content embedded in program elements within source code may have detrimental impact on mental health of software developers, and promote harmful behavior. Our key insight is that ...
GitHub

Library for processing code coverage reports.

codecov-rs's SQLite format described in src/report/models.rs Codecov's Python report implementation ("pyreport") All details (e.g. SQLite schema, code interfaces) subject to breaking changes until ...
Ars Technica

With GPT-5.3-Codex, OpenAI pitches Codex for more than just writing code

Today, OpenAI announced GPT-5.3-Codex, a new version of its frontier coding model that will be available via the command line, IDE extension, web interface, and the new macOS desktop app. (No API ...
IGN

Google's Project Genie Seemingly Causes Some Investors to Lose Faith in Roblox, Unity and...GTA 6

Just one day after the announcement of Genie, Google's generative AI-powered virtual world creator, a number of major video game companies are seeing their stock prices tumble, seemingly because some ...