Dark Reading

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...
TechCrunch

Protestware on the rise: Why developers are sabotaging their own code

If combating attacks and hijackings of legitimate software on open source registries like npm weren’t challenging enough, app makers are increasingly experiencing the consequences of software ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a high-agency, reliable, and commercially viable AI agent.
Morning Overview on MSN

This wild AI tool rips off open source code without breaking copyright

In early 2025, a class-action lawsuit against GitHub, Microsoft, and OpenAI over Copilot’s use of open-source training data ...

Hot take: AI's not going to kill open source code security

Opinion Cal.com has closed its commercial codebase, abandoning years of AGPL-3.0 licensing in a move that has alarmed the ...

Open source is collapsing under AI-powered threats | Cal.com

AI has upended the foundation of open source security, and commercial open source applications must close their code to protect sensitive data.