Tangled announces $4.5M round to build GitHub alternative built on Bluesky’s AT protocol

Founded in 2025, Tangled develops a next-generation federated social coding platform built atop the AT protocol. The Authenticated Transfer protocol is the same decentralized network paradigm that ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

AWS backs Open VSX as Rust survey shows VS Code decline

AI-first editors and agent-driven tooling intensify competition in the IDE market The Open VSX registry, used for installing extensions in editors compatible with Visual Studio Code (VS Code), will ...

How to Use Claude Code to Draw Amazing Diagrams With Excalidraw

Claude Code diagram workflow uses an Excalidraw skill to generate and complex visuals are built section by section ...
DIGITIMES

Chinese IC design house hit by open-source license dispute after GitHub freezes code

China IC design firm Rockchip is facing an open-source licensing dispute after GitHub reportedly froze code repositories linked to its projects, drawing attention across the semiconductor and software ...
i-SCOOP

What is the Impact of AGENTS.md Files on the Quality of AI Output?

Are AGENTS.md files actually helping your AI coding agents, or are they making them stupider? We dive into new research from ETH Zurich, real-world experiments, and security risks to find the truth ...

What Supply Chain Attacks Really Want: Your Secrets

Shai Hulud 2.0 serves as a loud confirmation of a pattern that has been building for years. In most modern software supply chain attacks, secrets are the first thing attackers go after, and they do it ...
Cybernews

Unprecedented GitHub hacking spree: “security research” AI bot compromises major repos from Microsoft, Datadog, and others

Five major GitHub repositories targeted by the autonomous AI bot “hackerbot-claw” were compromised through various injection ...
Security Boulevard

Shifting Security Left for AI Agents: Enforcing AI-Generated Code Security with GitGuardian MCP

In this article, we will explore the hot topic of securing AI-generated code and demonstrate a technical approach to shifting ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Anthropic Claude Code's security flaws expose devices to silent hacking, triggered from remote code execution; claims report

Security experts have identified three critical vulnerabilities in Anthropic's Claude Code, potentially allowing remote code execution and API key theft. Attackers could exploit malicious ...
Tech.eu

Building Europe’s native code infrastructure: Tangled closes $4.5M round

The decentralised platform aims to challenge GitHub with federated hosting, stacked PRs, and a community-first model.