Vibe Coding
Google says everyone will be able to vibe code video games
Google AI Studio product lead teased that everyone will be able to vibe code video games by the end of the year. Vibe coding is one of the selling points of generative AI, but it’s also overhyped. While it’s actually possible to vibe code decent web apps and apps using an AI IDE like Cursor, […]
Cursor AI editor lets repos “autorun” malicious code on devices
A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it’s opened. Threat actors can exploit the flaw to drop malware, hijack developer environments, or steal credentials and API tokens, without developers having to execute any commands. Cursor is an AI-powered Integrated Development Environment (IDE) built […]
OpenAI releases big upgrade for ChatGPT Codex for agentic coding
OpenAI has announced a big update for Codex, which is the company’s agentic coding tool. The changes include new VS Code extension, sync support between web and terminal, and more. If you’ve a Plus or Pro subscription, you can now use Codex with every build, and it doesn’t matter where you use Codex. It now also works […]
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google’s Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers’ computers using allowlisted programs. The flaw was discovered and reported to Google by the security firm Tracebit on June 27, with the tech giant releasing a fix in version 0.1.14, which became available on July 25. Gemini CLI, […]
Amazon AI coding agent hacked to inject data wiping commands
A hacker planted data wiping code in a version of Amazon’s generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to help developers code, debug, create documentation, and set up custom configurations. It is available on Microsoft’s Visual Code Studio (VCS) marketplace, where it counts nearly one […]
Microsoft open-sources VS Code Copilot Chat extension on GitHub
Microsoft has released the source code for the GitHub Copilot Chat extension for VS Code under the MIT license. This provides the community access to the full implementation of the chat-based coding assistant, including the implementation of “agent mode,” what contextual data is sent to large language models (LLMs), and the design of system prompts. The GitHub repository […]
Google’s upcoming Gemini Kingfall is allegedly a coding beast
Google’s AI advancement is not slowing down, and we might be getting yet another powerful model codenamed “Gemini Kingfall.” As spotted by users on X, Gemini Kingfall briefly appeared on AI Studio for approximately 20 minutes before it was taken down. While the details aren’t available, Gemini Kingfall doesn’t appear to be an update to the existing […]
Vibe coding company says Claude 4 reduced syntax errors by 25%
Lovable, which is a Vibe coding tool, says Claude 4 has reduced its errors by 25% and made it faster by 40%. On May 22, Anthropic started rolling out two new models: Claude Sonnet 4 and Claude Opus 4. While Sonnet is available for free users, Opus requires a paid subscription and is able to do better […]
ChatGPT rolls out Codex, an AI tool for software programming
OpenAI is rolling out ‘Codex’ for ChatGPT, which is an AI agent that automates and delegates programming tasks for software engineers. OpenAI isn’t explicitly claiming that Codex will eventually replace junior software engineers. Instead, the company states Codex could help developers achieve more by delegating their tasks to different agents. The idea is to move […]
AI-hallucinated code dependencies become new supply chain risk
A new class of supply chain attacks named ‘slopsquatting’ has emerged from the increased use of generative AI tools for coding and the model’s tendency to “hallucinate” non-existent package names. The term slopsquatting was coined by security researcher Seth Larson as a spin on typosquatting, an attack method that tricks developers into installing malicious packages by using […]