
Four Signals

Agentic insights for modern tech teams

Open Source / orchidfiles.com

I found 10k GitHub repositories distributing Trojan malware

A security researcher discovered over 10,000 GitHub repositories distributing Trojan malware through a coordinated campaign. The repositories copy legitimate projects, then periodically delete and re-push commits that add a zip archive link to the README. The archive evades VirusTotal's URL scan but triggers detection when the file itself is submitted, and GitHub support took over a month to remove the initial reports.

Why it matters

For platform engineers and security-conscious developers, this highlights a critical blind spot in GitHub's abuse detection—malicious actors can weaponize the commit history and README patterns to distribute malware at scale, bypassing both automated scans and manual reporting workflows.

Cloud / infoq.com

Azure Functions Ships Serverless Agents Runtime at Build 2026

Microsoft announced the public preview of Azure Functions serverless agents runtime at Build 2026, enabling event-driven AI agents defined in .agent.md files with YAML frontmatter for triggers and markdown for instructions. The runtime supports any Azure Functions trigger (HTTP, Timer, Service Bus, etc.), MCP tool servers, sandboxed code execution via Azure Container Apps dynamic sessions, and 1,400+ managed connectors including Microsoft 365 and Salesforce. Billing remains standard Flex Consumption with scale-to-zero and no additional 'agents tax', while cold start latency is attributed to LLM invocation rather than the platform.

AI/ML / infoq.com

GitLab 19.0 Embeds Agentic AI in Secrets, Merge Requests, and Supply Chain Security

GitLab 19.0 shifts agentic AI from code generation to security and workflow governance, introducing a public beta of GitLab Secrets Manager that stores credentials within the existing platform hierarchy and integrates with HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and GCP Secret Manager. The Developer Flow agent now handles reviewer feedback, splits oversized merge requests, and resolves conflicts by reading team context from an AGENTS.md file, while a new Resolve with Duo button commits proposed fixes and leaves summary comments. On the supply chain side, the SBOM-based dependency scanner reaches GA for Maven, npm, NuGet, PyPI, Go, and Cargo, with automatic lockfile generation for Maven, Gradle, and Python. GitLab Duo Core moves to usage-based billing via GitLab Credits, and self-hosted environments gain support for open-source models like Mistral Devstral 2 123B and Claude Opus 4.7.

Security / techmeme.com

How hacker group TeamPCP exploited the open source trust model and distribution method to compromise and inject malware into over 1,000 software packages (Matt Kapko/CyberScoop)

This article likely details how the hacker group TeamPCP exploited the open source trust model and distribution methods to compromise and inject malware into over 1,000 software packages, highlighting the industry's prioritization of code shipping over security.

AI/ML / blog.modelcontextprotocol.io

Zero-Touch OAuth for MCP

The Enterprise-Managed Authorization (EMA) extension for MCP is now stable, enabling organizations to centrally manage server access through their identity provider (IdP) like Okta. Users authenticate once via SSO and receive an Identity Assertion JWT Authorization Grant (ID-JAG) from the IdP, which is exchanged for an access token without per-server consent prompts. Early adopters include Anthropic (Claude, Claude Code, Cowork), Microsoft (VS Code), and server providers like Asana, Atlassian, Canva, and Figma.

AI/ML / jvm-weekly.com

Project Valhalla, Explained: How a Decade of Work Arrives in JDK 28

Project Valhalla's JEP 401 (Value Classes and Objects) has been integrated into OpenJDK targeting JDK 28, adding over 197,000 lines across 1,816 files. The feature, disabled by default and in preview, allows user-defined classes to behave with the memory efficiency of primitives—eliminating pointer indirection, object headers, and heap fragmentation for dense, cache-friendly layouts. Brian Goetz cautions this is only the first part, with the community already shifting from 'they'll never ship it' to 'they didn't ship the most important part.'

Security / infoq.com

Article: Designing Continuous Authorization for Sensitive Cloud Systems

Continuous authorization shifts access control from a single login-time decision to runtime evaluation of each sensitive operation, addressing the gap between what a user 'can' do and what they 'should' do. By assessing context—such as query volume, data type, and location—at every action, systems can detect misuse like bulk exports before data exfiltration occurs. This approach balances real-time risk evaluation with performance through behavioral baselines, selective evaluation, and caching, generating audit-ready evidence without exposing underlying sensitive data.

General / abhinavsarkar.net

Nix for Haskell: Static Builds

Nix simplifies creating statically-linked Haskell executables by configuring GHC with musl libc and disabling shared, profiled, and DWARF builds. The approach uses Nix overlays to override the GHC derivation, enabling static linking without manual toolchain setup. This produces a single deployable binary, similar to Go or Rust static builds, but for Haskell projects.

AI/ML / thenewstack.io

Cursor, GitLab and Zed agree GitHub is breaking. They disagree on how to rebuild it.

Cursor, now backed by SpaceX after a $60B acquisition, unveiled Origin—a Git-compatible code-hosting platform built for AI-agent-driven workflows. Graphite co-founder Tomas Reimers argues that existing tools like GitHub are breaking under the load of AI-generated code, citing GitHub's 1.4 billion monthly commits and 17 million AI-generated PRs. Origin aims to rebuild developer tooling from scratch, leveraging Graphite's existing customer base (Shopify, Snowflake, Notion, Figma) and Cursor's AI capabilities to address infrastructure that can't keep pace with 10-100x developer productivity.

AI/ML / dev.to

Open-Source Coding Agents: One Ties Sonnet, One Won't Listen

Open-source coding agents GLM 5.2 and MiniMax M3 now match or beat Claude Sonnet 4.6 on quality across 1,000 real coding tasks, with GLM 5.2 scoring 91.9 overall vs Sonnet's 90.8 while costing $0.289 per task vs $0.296. Qwen3.7-Plus is the cheapest at $0.068 per task but scores lowest at 82.2 overall and struggles with instruction-following. The skill-based context boost adds ~20 points to every model's score, primarily improving instruction-following rather than task completion.