NYT ‘Pips’ Hints, Answers And Walkthrough For Thursday, June 11

Looking for help with today's New York Times Pips? We'll walk you through today's puzzle and help you match dominoes to tiles ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...
Martin Cid Magazine

Chinese hackers spent 18 months inside Microsoft 365 before anyone noticed

A China-linked espionage group lived inside corporate cloud accounts for a year and a half by stealing trust instead of ...

OpenAI and Anthropic's next lock-in play: Databases of coding intent

Samuel Colvin, CEO of Pydantic, sees the top AI frontier labs creating databases of coding intent.

The beginner's guide to vibe coding

Everyone from kids to grandmas is vibe coding. Here's an easy guide on how to start.
TechRadar

AI-generated code is outpacing every manual remediation model in existence': Nearly all firms admit they have shipped code they know is vulnerable

Checkmarx research found 75% of organizations knowingly ship vulnerable code The time‑to‑exploit window is expected to shrink to just one minute, raising urgent risks for some sectors Vibe‑coded apps ...
VentureBeat

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Between May 6 and 7, four security research teams published findings about Anthropic’s Claude that most outlets covered as three separate stories. One involved a water utility in Mexico, another ...
TechSpot

Microsoft made Copilot a co-author on every VS Code project, reverted after developers revolted

Micro-Slop: After injecting Copilot into nearly every software product and service it could, Microsoft has reportedly begun rolling back some of its most disruptive AI-related changes. Now, a new "AI ...
VentureBeat

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

On March 30, BeyondTrust proved that a crafted GitHub branch name could steal Codex’s OAuth token in cleartext. OpenAI classified it Critical P1. Two days later, Anthropic’s Claude Code source code ...