Copilot coding agent was embedding promotional text for Raycast and GitHub features into pull request descriptions. A GitHub search found more than 1.5 million PRs with the same pattern.
Socket reports an active campaign using 19 malicious npm packages. It targets AI development environments such as Claude, Cursor, and VS Code, stealing SSH keys, npm tokens, and API keys, and then propagates via a worm.
From 44 Claude Code tips on GitHub, this article handpicks 10 you can apply right away. Concrete methods to boost efficiency and improve your workflow.
