The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...
Forbes

Your Green Test Suite: What Are You Really Measuring?

Your dashboard is green. The suite has passed, coverage looks healthy and leadership assumes the release is safe. But a passing test suite may be misleading. Even with a green dashboard, it's unclear ...
InfoWorldOpinion

How to stop the AI code generation treadmill

Piling on guardrails is the sign of a system permanently compensating for its own unreliability. There’s a better approach.