Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

OpenAI launches Codex desktop app to power next-generation software development; check features and how to use

OpenAI has launched a new Codex desktop application as it looks to strengthen its position in the fast-growing market for ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.

GitHub integrates Claude and Codex AI coding agents directly into GitHub

GitHub users can now use third-party coding agents ...
InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...
Techweez

GitHub Adds Claude and OpenAI Codex as Native AI Coding Agents

GitHub has added Claude and OpenAI Codex as native AI coding agents that work directly in repos, issues, and pull requests.
Visual Studio Magazine

VS Code 1.109 Deemed a Multi-Agent Development Platform

The January 2026 release of Visual Studio Code expands AI-assisted development with structured planning agents, parallel ...

Xcode 26.3 hands on: AI agent coding is astoundingly fast, smart, and too convenient

The improved AI agent access in Xcode has made vibe coding astoundingly simple for beginners, to a level where some apps can ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Microsoft Launches winapp to Simplify Windows App Development

Microsoft’s new winapp CLI simplifies Windows app development with one-command setup, faster testing, and easier packaging.

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend ...