The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
Crypto Briefing

Fetch.ai debuts token launchpad on BNB Chain to let AI agents autonomously mint crypto

Fetch.ai has launched Agent Launch on BNB Chain that enables AI agents to issue tokens, build supporter communities, and list on decentralized exchanges in minutes without requiring a human founder, ...
cybernews

AI token costs overtake human salaries as automation spending spirals, tech execs admit

AI token costs now exceed employee salaries at some companies, Uber maxed out its full-year AI budget in 4 months, Nvidia VP admits compute costs more than workers. Companies fired workers to cut ...
The Conversation

Silicon Valley’s AI ‘tokenmaxxing’ obsession has a big problem – and philosophers saw it coming

Some time earlier this year, an employee at tech giant Meta built a system to track how much each staff member was using artificial intelligence (AI). Named “Claudeonomics” after the Claude chatbot, ...
Ars Technica

Google’s Gemma 4 AI models get 3x speed boost by predicting future tokens

Google launched its Gemma 4 open models this spring, promising a new level of power and performance for local AI. Google’s take on edge AI could be getting even faster already with the release of ...