GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking ...
GitHub Copilot security scanning arrives in the terminal with /security-review, an experimental pre-commit slash command that ...
In response to recent software supply chain attacks, npm version 12 is blocking automatic script execution at install.
Researchers warn Agentjacking can abuse Sentry errors to make AI coding agents run malicious code on developer machines.
Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
This publication has undergone peer review according to procedures established by the National Academy of Medicine (NAM). Publication by the NAM signifies that it is the product of a carefully ...
In the months following the city's federal upheaval, including the shooting of Julio Sosa-Celis, some outreach groups have changed how they are preparing for summer violence. Several months after the ...