Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...

A Java library just tried to trick AI coding agents into deleting your tests, and it almost worked

The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...