InfoQ

Claude Code Adds Dynamic Workflows for Parallel Agent Coordination

Anthropic introduced Dynamic Workflows, a new capability for Claude Code designed to handle complex software engineering ...

A Java library just tried to trick AI coding agents into deleting your tests, and it almost worked

The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single ...

A successful options trader says these are his top picks for AI tools, and how regular investors can use them

"You use AI, or you fall behind," said Erik Smolinski, an options trader who has consistently beaten the S&P 500 to become financially independent.
InfoQ

Arm Open-Sources Metis, an AI Security Framework Outperforming Traditional SAST Tools

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...
SecurityWeek

New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails

Edamame's runtime security platform detects AI coding agent “intent drift,” secret theft and supply-chain attacks using host ...
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo. As ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
csis.org

AI-Driven Code Analysis: What Claude Code Security Can—and Can’t—Do

Q1: How does Claude Code Security function—and how does it differ from traditional static application security testing (SAST)? A1: Conventional rule-based static analysis uses pattern matching, ...
Forbes

From 'Shift Left' To 'Shift Smart': Why AI Agents Will Replace Static Analysis

Over the years, "shift left," a development practice that shifts testing, QA and security initiatives "left" on the timeline, has become the cornerstone of DevSecOps. I've watched it become the ...
cybermagazine

Will Anthropic's Claude Code Security Replace Cyber Tools?

Anthropic launched Claude Code Security to hand defenders an AI powered vulnerability scan and patch tool, which left cybersecurity stocks crumbling The team at Anthropic has decisively stepped into ...
VentureBeat

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived ...