Skip to main content

Tag: developer tools

31 articles

Developer workstation with laptop and coding tools, subtle security presence hinted at with blurred software interface and…

AI Coding Agents Trigger Endpoint Security Rules Meant for Attackers

In a surprising twist, over half of the blocked activity detected by Sophos in June 2026 came from developer coding assistants, not hackers, triggering endpoint security rules meant to catch malicious actors. This unexpected behavior highlights the need for a closer look at the intersection of AI-powered coding tools and cybersecurity protocols.

Analyst 207
Developer workspace with laptop, monitor, and notes, overlooking cityscape through window.

North Korea-Linked npm Packages Target Developers with Stealthy Data Theft

Malicious npm packages, linked to North Korean threat actors, are impersonating popular tools to trick developers into handing over sensitive data. These sneaky packages masquerade as legitimate polyfill tools, making them hard to spot during a quick review.

Analyst 207
Cluttered developer workspace with laptop, notes, and coffee cups in natural daylight.

Cursor Flaws Expose Developers to Zero-Click Attacks

Beware of DuneSlide, a pair of high-severity flaws that could let a single, innocent-looking prompt hijack your Cursor environment and unleash a zero-click attack on your computer - update to Cursor 3.0 now to stay safe!

Analyst 207
Developer workstation with laptop and subtle signs of supply chain breach.

Miasma Malware Targets npm, GitHub in Expanded Supply Chain Attack

Over 550 GitHub repositories have been compromised in a massive supply-chain attack, with malware harvesting developer credentials and spreading across package registries and workflows. The attack has already infected numerous npm packages and one Go module, putting developer data at risk.

Analyst 207
Developer workstation with laptop, monitor, and notes in a bright office setting.

Malicious Plugins Exfiltrate AI API Keys on JetBrains Marketplace

Beware of malicious AI plugins on the JetBrains Marketplace that masquerade as helpful coding assistants but secretly steal your AI API keys. Over 70,000 installations have been recorded from at least 15 compromised plugins that have surprisingly evaded the marketplace's security checks.

Analyst 207
Developer workstation with laptop and monitor, surrounded by notes and coffee cups, in a modern office with natural light.

Malicious JetBrains plugins steal AI API keys

Beware of malicious JetBrains plugins masquerading as helpful tools - at least 15 have been detected stealing AI API keys from unsuspecting developers, with a staggering 70,000 installations. These fake plugins have been secretly siphoning off sensitive information since October 2025.

Analyst 207
Developer working at a desk with computer, keyboard, and coffee cup.

Developers Weaponize Code to Disrupt AI-Powered Malware

Meet Johannes Link, a self-proclaimed AI skeptic who's taking a stand against AI-powered coding agents by weaponizing his own code - specifically, the Java property-testing tool jqwik - to disrupt their operations. His latest software update includes a clever anti-AI clause designed to throw a wrench in the works.

Analyst 207
Developer workstation with laptop, code, notes, and coffee cups, set against a blurred office or city backdrop.

AI Coding Agents Exposed to 'Agentjacking' Attacks

Beware of "agentjacking" attacks that exploit AI coding agents' implicit trust, allowing hackers to trick them into executing malicious code on developers' machines. This new class of attack starts with a simple exploit of publicly available credentials, putting even the most secure systems at risk.

Analyst 207
Developer workspace with VS Code on monitor, cup of coffee, notebook, and pen in soft daylight.

VS Code Introduces 2-Hour Delay for Auto Extension Updates

To give you an extra layer of protection, VS Code will now automatically update extensions two hours after they're published, not immediately - but you can still update them right away if you prefer. This new delay, available in VS Code 1.123, aims to shield you from potentially problematic releases.

Analyst 207
Developer workspace with laptop showing AI-powered terminal and coding tools on a minimalist desk with a small potted plant.

Microsoft Unveils Intelligent Terminal, AI-Powered Windows Tool

Meet Intelligent Terminal, your new coding sidekick that helps you squash errors, craft commands, and troubleshoot issues without ever leaving Windows Terminal. This AI-powered assistant is like having a expert developer by your side, always aware of what's happening and ready to lend a hand.

Analyst 207
Dimly lit software development workspace with laptop, notes, and coffee cups.

Malware Worms Infect npm Ecosystem in Dual Supply Chain Attacks

Meet IronWorm, a sneaky Rust-based malware that's infecting the npm ecosystem by scraping sensitive secrets from developers' machines and spreading through poisoned packages. This stealthy threat hides behind an eBPF kernel rootkit and communicates with its operators over Tor.

Analyst 207
Developer workspace with Windows laptop, notes, and coding materials, displaying a command-line interface with mixed…

Microsoft Brings Linux Commands to Windows with Coreutils Release

Microsoft just made life easier for developers who juggle Windows and Linux, releasing Coreutils for Windows, a package that brings commonly used Linux commands to Windows as native apps. This game-changing move eliminates frustrating workarounds and context switching, letting devs focus on what matters most - coding.

Analyst 207
Developer workstation with laptop, papers, and office supplies, cityscape visible through window.

Cyber Thieves Exploit SEO to Spread Infostealers via Fake AI Sites

Cyber thieves are using clever SEO tricks to spread infostealers through fake AI sites, targeting enterprise users and developer workstations with a potent mix of imitation and in-memory malware. This brief but potent campaign has been meticulously planned, with malicious domains deployed as early as March 2026.

Analyst 207
Blurred developer workstation with laptop, smartphone, and tablet nearby.

GitHub Breach Exposes 3,800 Repos to TanStack Supply-Chain Attack

A single malicious Visual Studio Code extension, Nx Console version 18.95.0, was enough to spark a GitHub breach that exposed 3,800 internal repositories to a TanStack supply-chain attack. The poisoned extension was live on marketplaces for just 54 minutes, but long enough to steal credentials from a developer's machine.

Analyst 207
Code editor interface with open plugin panel, generic computer screen and daylight in background.

Nx Console Extension Exploited to Steal Developer Credentials

A malicious version of the popular Nx Console Extension was published to the VS Code Marketplace, compromising over 2.2 million installations and putting developer credentials at risk. Within seconds of opening a workspace, the extension silently fetched and executed a hidden payload, allowing attackers to steal sensitive information.

Analyst 207
Developers' workstation with laptop, code editor, notes, and coffee cups in a bright office setting.

PowerShell Stealer Targets Devs via Fake Claude Code Pages

Developers beware: a sneaky PowerShell Stealer is targeting you through fake Claude Code pages, putting your organization's most sensitive assets at risk. Clicking on innocent-looking sponsored search results could be the first step in a devastating cyberattack.

Analyst 207
Cluttered developer's workstation with laptop and tools in a softly lit open-plan office.

Quasar Linux Malware Targets Developers with Stealthy Implant

Meet Quasar Linux, a sneaky new malware targeting developers with a potent blend of stealth, persistence, and credential theft capabilities that can compromise software supply chains. This Linux implant is quietly infiltrating dev and DevOps environments, putting cloud toolchains at risk.

Analyst 207
Cluttered developer's workspace with laptop, monitors, and notes, hint of GitHub logo on screen.

Microsoft's GitHub troubles expose neglect

Microsoft's recent GitHub troubles have raised red flags about the platform's reliability, sparking concerns among developers, educators, and organisations that rely on it. This comes at a time when Microsoft is pushing users towards paid services and aggressively integrating AI offerings.

Analyst 207
Laptop screen displays code editor surrounded by papers and notes on a simple desk.

GlassWorm Malware Resurfaces Through 73 OpenVSX Extensions

Researchers at Socket have uncovered a sneaky new wave of GlassWorm malware, this time hiding in 73 OpenVSX extensions that behave like sleepers - seemingly harmless at first, but turning malicious after a stealthy update. Six of these extensions have already been activated, unleashing malware on unsuspecting developers.

Analyst 207
Developer workstation with laptop and terminal, surrounded by notes and coffee cups, with a blurred cityscape in the…

Malware Targets Developers with Worm-Like Npm Supply Chain Attack

Malware is targeting developers through a sneaky npm supply chain attack, executing malicious code the moment a package is installed, and harvesting sensitive data to spread across ecosystems. Over 6,700 weekly downloads of one affected package show just how widespread the threat could be.

Analyst 207
Shattered padlock on cracked digital surface with error message and accusatory finger in background.

Lovable Disputes Data Leak, Shifts Blame to HackerOne

Lovable, a coding platform, is facing scrutiny after a security researcher uncovered a major data leak, exposing users' sensitive information, including credentials, chat history, and source code, to anyone with a free account. The company's shifting explanations have only added fuel to the fire, sparking concerns about its data handling practices.

Analyst 207
Robotic arm repairs cracks in shield against dark background with glowing circuits.

AI Bolsters Software Security with Enhanced SAST Accuracy

Can artificial intelligence revolutionize software security by supercharging SAST accuracy and making testing a breeze for developers? By harnessing the power of AI, organizations can potentially transform the way they identify and fix vulnerabilities, without slowing down their software builders.

Analyst 207
Locked door slightly ajar with key in foreground, glowing interior, and blurred secure facility background.

Microsoft Expedites Reinstation for Suspended Windows Hardware Dev Accounts

Microsoft has introduced a fast-track process to help hardware developers regain access to their suspended Windows Hardware Program accounts, following an outpouring of complaints from developers who were unexpectedly locked out. This swift response aims to get developers back on track, quickly and easily.

Analyst 207

OpenAI Rushes Updates for Mac Apps After Axios Hack Compromise

OpenAI recently issued urgent updates for its Mac apps after a developer tool inadvertently pulled in a malicious library, highlighting the risks of supply-chain vulnerabilities. Fortunately, the company assured that its systems and software integrity remained intact despite the incident.

Analyst 207