The Next Web

A single GitHub issue could have hijacked Anthropic’s own Claude Code action and poisoned every project that uses it

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.
adtmag.com

CodeRabbit Adds Free AI Code Reviews Inside VS Code

CodeRabbit has released a new integration that brings its AI-based code review system directly into Visual Studio Code, along with support for the Cursor and Windsurf IDEs. The extension allows ...
Tech Times

GitHub Copilot CLI Adds Pre-Commit Security Scanner: LLM Inference at the Detection Layer

GitHub Copilot security scanning arrives in the terminal with /security-review, an experimental pre-commit slash command that ...