programming.dev - security · Scour

programming.dev·

Russian satellites linked to mysterious GPS disruptions across several countries

programming.dev·

17 bugs in 10 weeks from AI security scanning

programming.dev·

Why Hardened Images are Suddenly Everywhere

programming.dev·

Typosquatted npm packages used to steal cloud and CI/CD secrets

programming.dev·

The approval prompt is lying: a critical coding agent security flaw

programming.dev·

GitHub Actions Cache Poisoning is eating open source

programming.dev·

Mythos finds a curl vulnerability

programming.dev·

Why “Trusted Publishing” Can’t Save Us from Social Engineering

programming.dev·

Your Container Is Not a Sandbox

programming.dev·

Arbitrary code execution and Claude Code CLI: How Claude executed code before you click 'trust'

programming.dev·

At Machine Speed

programming.dev·

Open source package with 1 million monthly downloads stole user credentials

programming.dev·

Npm Slop & Wonky Software Supply Chains

programming.dev·

Mythos Mystery in Mozilla Numbers: How 22 Vulns Became 271 or Maybe 3 in April

programming.dev·

The Vercel breach started at a tool nobody was watching

programming.dev·

pompelmi – ClamAV antivirus scanning for Node.js, zero dependencies

programming.dev·

Anthropic secretly installs spyware when you install Claude Desktop

programming.dev·

We Reproduced Anthropic's Mythos Findings With Public Models

programming.dev·

The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic

programming.dev·

Cybersecurity Looks Like Proof of Work Now

Log in to enable infinite scrolling