InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, enabling consistent, enforceable code scanning across thousands of repositories.
The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...

OpenAI says new coding model helped build itself

The new coding model released Thursday afternoon, entitled GPT-5.3-Codex, builds on OpenAI’s GPT-5.2-Codex model and combines insights from the AI company’s GPT-5.2 model, which excels on non-coding ...