The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

GitHub to Train AI With User Data by Default

If you have a code repository or other work stored in GitHub, you need to be aware of a major change at the service.

GitHub Copilot will use your data for AI training by default, but you can opt out

GitHub describes this training data as inputs, outputs, code snippets, and associated context, but the fine print goes into ...
Windows Report

GitHub Copilot Will Learn From Your Prompts and Code Unless You Opt Out

Microsoft will train GitHub Copilot using user interaction data by default. Users must opt out before April 24 to avoid data ...
Infosecurity Magazine

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by ...

Nvidia's Nemotron-Cascade 2 wins math and coding gold medals with 3B active parameters — and its post-training recipe is now open-source

Nvidia's Nemotron-Cascade 2 is a 30B MoE model that activates only 3B parameters at inference time, yet achieved gold ...

GitHub hits CTRL-Z, decides it will train its AI with user data after all

Microsoft's GitHub next month plans to begin using customer interaction data – "specifically inputs, outputs, code snippets, ...

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
InfoWorld

OpenAI adds plugin system to Codex to help enterprises govern AI coding agents

The move lets IT administrators standardize and distribute agent behaviors across engineering teams, but OpenAI’s third-party ...
Dark Reading

GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead

An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game ...
i-SCOOP

Autoresearch by Andrej Karpathy: the rise of autonomous AI research loops

Explore Andrej Karpathy’s Autoresearch project, how it automates model experiments on a single GPU, why program.md matters, ...