Cordyceps: Malicious Pull Requests Campaign Targets CI/CD Workflows23. June 2026CybersecurityAttackers exploit CI/CD vulnerabilities in established open-source products to inject code via pull requests. Share on:
SymJack: Symbolic Link Attack on AI Coding Agents10. June 2026AI Models, Claude Code, CybersecurityAI coding agents can be manipulated via compromised symlinks to silently register malicious server code that executes with user privileges on restart, endangering secrets and CI infrastructure. Share on: