GitHub Actionsの構造的欠陥「Cordyceps」が公開、MicrosoftやGoogleも無料 ...

ペネトレーションテスト企業のNovee Securityは2026年6月23日、GitHub ActionsのCI/CDパイプラインに潜む構造的な脆弱性パターン「Cordyceps(コルディセプス)」に関する調査結果を公開した。この脆弱性を悪用すると ...
techtimes

Claude Code Loop Engineering: Stop Prompting, Start Designing Autonomous Agent Workflows

Anthropic Product Manager and Anthropic engineer Boris Cherny in a video introducing Claude Code on Feb 24, 2025. Anthropic.com Anthropic's Boris Cherny has stopped writing prompts. The creator and ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.