The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Visual Studio Magazine

Hands On with VS Code 1.112's New Image Analysis for Agents

VS Code 1.112 adds native image support for agents, and I used it on three Microsoft AI Foundry leaderboard screenshots to see whether it could turn chart-heavy visuals into a useful developer summary ...
MUO on MSN

I switched to a local LLM for these 5 tasks and the cloud version hasn't been worth it since

Why send your data to the cloud when your PC can do it better?
IndieWire

Adapting ‘Train Dreams’: Clint Bentley on Why Changing One of the ‘Greatest Endings in Literature’ Mattered

Bentley on refusing to update the production script for awards: “I like reading where ‘Days of Heaven’ or ‘Goodfellas’ started, vs. where they ended up.” Johnson’s novella captured specific, sometimes ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by ...
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
VentureBeat

Claude Code costs up to $200 a month. Goose does the same thing for free.

The artificial intelligence coding revolution comes with a catch: it's expensive. Claude Code, Anthropic's terminal-based AI agent that can write, debug, and deploy code autonomously, has captured the ...
Visual Studio Magazine

Hands On with Copilot Vision: VS Code's Head Start and How the IDE Is Catching Up

A hands-on test in VS Code showed Copilot using a degraded mockup image as the primary input to generate a working, navigation-capable web site, a significant step beyond last year's single-page ...