The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

Meet Wander, a StumbleUpon-inspired tool for discovering the ‘small web’

This open-source community project lets you create a StumbleUpon-like experience for recommending your favorite sites.
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

I asked ChatGPT to help me learn coding in a 12-Sunday upskilling plan: AI gives me ...

I am a software engineer. But, there is one thing still missing from my profile: coding. I asked ChatGPT to prepare a ...
51CTO

如何构建一个好的 AGENTS.md:AI 编码 Agent 的项目级行为规范优秀实践

AGENTS.md 是一个放置在项目根目录的纯 Markdown 文件,专门用于指导 AI 编码 Agent 的行为。 最近在用 Cursor 和 Codex 写代码的时候,我越来越发现一个问题:每次新开会话,AI 都要重新问一遍项目结构、用什么包管理器、代码该放哪层。久而久之就觉得烦。 AGENTS.md ...

Toronto’s grassroots Pride Picnic brings ‘queer joy’ to a downtown park

A patchwork of blankets, beach towels, and pride flags has begun to form at 11 a.m. Attendees slowly continue to fill the ...