software development
Can your coding style predict whether your code is vulnerable?
Developers leave fingerprints in the code they write. Naming choices, indentation patterns, preferred APIs, and the way someone structures a loop or handles a pointer all …
Visual Studio Code 1.118 adds auto model selection to Copilot CLI
Microsoft’s editor releases continue on a monthly cadence, with the Insiders build of Visual Studio Code 1.118. The update concentrates on the Copilot CLI integration, …
Visual Studio cloud agents now run inside GitHub Copilot
Microsoft’s April update to Visual Studio introduces cloud agent integration in GitHub Copilot, enabling developers to offload tasks to remote infrastructure for scalable, …
Where AI in CI/CD is working for engineering teams
Developers have folded AI into daily coding work. Still, the same tools remain largely absent from the systems that validate and ship software. New research from JetBrains …
Social engineering attacks on open source developers are escalating
North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that …
Android developers just got a new verification layer
To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company …
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded …
Google slows Android sideloading to trip up scammers
Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feature is aimed at …
ENISA advisory examines package manager security risks
Developers install external libraries with a single command, and that step can introduce more code than expected into a project environment. Dependency resolution inside …
Fake Claude Code install pages highlight rise of “InstallFix” attacks
Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers …
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities
In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She …
Apple blocks 18+ app downloads in select markets
Apple has introduced expanded age assurance tools to help developers comply with regulations taking effect in Brazil, Australia, Singapore, Utah, and Louisiana. The updates, …
Featured news
Resources
Don't miss
- Where IT meets OT and railway cybersecurity gets harder
- Praxen: Open-source AI agent behavior verification
- Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads
- What the Fortibleed campaign means for organizations running FortiGate firewalls
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security