The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...

Claude Code is suddenly everywhere inside Microsoft

Microsoft first started adopting Anthropic’s Claude Sonnet 4 model inside its developer division in June last year, before ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.

Microsoft Virtual Studio Code is being targeted by North Korean hackers

The contagious interview campaign continues.
WinBuzzer

AI Coding: Microsoft’s 7B X-Coder Outperforms 14B Rivals on Synthetic Data

Microsoft and Tsinghua University have developed a 7B-parameter AI coding model that outperforms 14B rivals using only ...