The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...
SecurityWeek

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...
techtimes

Xiaomi MiMo Code Claims to Beat Claude Code: Benchmark Scores Are Self-Reported

Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...
The Hacker News

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject ...
SF Weekly

How a San Francisco open-source project became the data layer for global AI

San Francisco's AI economy is mostly being defined by the companies spending the most. Foundation model labs raise billions, ...
InfoWorld

As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

Cloudflare acquires VoidZero, maker of the Vite JavaScript toolchain

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...

Cloudflare acquires VoidZero – Team behind Vite switches completely

Cloudflare acquires VoidZero and with it the team behind Vite, Vitest, and more. The tools are to remain open-source and ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

The head of Claude Code hasn’t ‘written a line of code by hand’ in 8 months

Boris Cherny was asked at Brainstorm Tech if he was concerned about the rapid progress of AI: "Yes." ...