The new tool, now testing as part of Claude Code, can scan codebases for security vulnerabilities and suggest targeted software fixes for human review.

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.

OpenAI has recently published a detailed architecture description of the Codex App Server, a bidirectional protocol that decouples the Codex coding agent's core logic from its various client surfaces.