Month: May 2026

Google Threat Intelligence Group said it identified a cybercrime operation involving a zero-day exploit. The company believes the exploit was likely developed with help from an AI model. It was written in Python and targeted a two-factor authentication bypass in a popular open-source, web-based system administration tool. According to GTIG, the attackers were preparing for …

Read more “Google says AI helped build zero-day exploit targeting 2FA bypass”

By June 2025, 34% of US adults said they had used ChatGPT, and among adults under 30 the figure rose to 58%, according to Pew Research Centre. That statistic reveals that many people are not discovering products or getting information through lists of links. For smaller dev tools brands, that opens a useful door. When …

Read more “Why AEO could be good news for smaller dev tools brands”

Security researchers at Adversa have detailed the AI coding CLIs TrustFall issue, which involves project-defined Model Context Protocol servers in terminal-based coding tools. After a developer accepts a folder trust prompt, a malicious repository can use that path to run code with limited user visibility. The issue, called “TrustFall,” affects Claude Code, Gemini CLI, Cursor …

Read more “AI coding CLIs face TrustFall risk from one-click MCP server execution”

Decisions taken by teams of developers directly affect business outcomes. But outside of the obvious impact of software that helps run the business, developers can also influence their pay levels – as long as there’s proof offered alongside a demand for more cash. At least, that’s the message from Ankush Choudhary Johal, who published his …

Read more “Developer salaries in the open”

OpenAI president Greg Brockman said AI coding tools are taking on a larger share of software development work, according to Business Insider, which reported his remarks from a Sequoia Capital talk. During the talk, Brockman said agentic coding tools had changed quickly over a short period. The tools went from writing about 20% of code …

Read more “AI coding tools write more code, but developers carry the risk”

The open-source supply chain faces another crisis as a sophisticated worm tracked as ‘Mini Shai-Hulud’ attacks multiple ecosystems. Mini Shai-Hulud targets developer credentials and continuous integration environments. The worm breached the popular PyTorch Lightning package on PyPI and the Intercom client on npm. Threat actors subsequently adapted the payload to infiltrate PHP’s Packagist, Ruby Gems, …

Read more “Open-source registries hit by ‘Mini Shai-Hulud’ supply chain attacks”