Browsing Category
Developer Tools
42 posts
Developer tools, coding workflows, package managers, software engineering platforms, cloud development environments, AI coding assistants, language tooling, and developer productivity news.
Microsoft MDASH Moves AI Bug Hunting Into Real Security Workflows
Microsoft says its MDASH agentic security system is now being used across Windows, Azure, and identity workflows, with new findings in Hyper-V, HTTP.sys, the Windows kernel, and Active Directory. The update shows AI vulnerability discovery moving from benchmark claims toward real engineering pipelines, while proof generation remains the hard part.
JetBrains AI Plugin Malware Puts Developer API Keys at Risk
JetBrains says it removed 15 malicious Marketplace plugins that posed as AI coding tools while stealing developer API keys. Users who installed or configured the plugins should revoke affected OpenAI, DeepSeek, SiliconFlow, or other AI provider keys and check usage logs now.
Mastra npm Compromise Turns AI Agent Frameworks Into a Supply-Chain Target
Attackers republished more than 140 Mastra npm packages with a poisoned easy-day-js dependency, exposing AI agent developers to an install-time remote payload. Teams that installed affected @mastra packages on June 17 should treat developer machines and CI runners as compromised.
SpaceX’s $60B Cursor Deal Turns AI Coding Tools Into Infrastructure
SpaceX’s SEC filing confirms a $60 billion all-stock deal to buy Anysphere, the company behind Cursor. The acquisition turns AI coding tools into a strategic infrastructure bet tied to compute, developer distribution, and xAI’s coding-agent ambitions.
LiteSpeed cPanel Flaw Puts Shared Hosting Servers on CISA’s Patch Clock
CISA added CVE-2026-54420, an actively exploited LiteSpeed cPanel plugin flaw, to its Known Exploited Vulnerabilities catalog. Shared hosting providers running CloudLinux or CageFS should move to the fixed plugin versions, check cPanel logs, and treat suspicious access as a possible root-level incident.
Microsoft Work IQ APIs Put Enterprise Agents Inside the Microsoft 365 Trust Boundary
Microsoft Work IQ APIs are generally available today, giving custom and third-party agents a governed way to use Microsoft 365 context, tools, workspaces, and Copilot-style responses. The real test is whether enterprises can manage permissions, audit trails, and Copilot Credits before agents start acting across work data.
curl’s July Security Pause Shows AI Bug Reports Have a Human Bottleneck
The curl project will pause public vulnerability reports during July 2026 after months of AI-assisted security-report pressure. The break exposes a practical risk for companies that depend on critical open source software: finding bugs is getting faster than triage, patching, and maintainer capacity.
Google and Kaggle’s Free AI Agents Course Starts Today
Google and Kaggle’s free five-day AI Agents Intensive starts June 15, 2026. Here’s what the vibe-coding course covers, who should join, and how to get the most from it.
Grok Build Plugin Marketplace Makes Coding Agents a Toolchain Problem
xAI launched a built-in plugin marketplace for Grok Build, turning coding-agent setup into a packaged ecosystem of skills, commands, hooks, MCP servers, and language-server integrations.
Azure OpenAI Model Retirements Are Now an Engineering Calendar
Microsoft Foundry’s model retirement schedule gives Azure OpenAI teams concrete deadlines for gpt-5-chat, gpt-4o, and gpt-4.1 migrations. The risk is not just model access. It is regression testing, deployment type, region support, and API behavior.