UI-TARS Desktop is a serious local computer-use agent — if you lock down the setup
ByteDance’s UI-TARS Desktop is one of the most interesting open-source computer-use agents right now: it sees your screen,...
CodeQL 2.26.0 is useful for teams shipping AI features in JavaScript or TypeScript. The release adds js/system-prompt-injection, a query for cases where untrusted user-provided values flow into an AI model's system prompt and can manipulate model behavior.\n\nWhy bookmark it: GitHub says every new CodeQL version is automatically deployed to GitHub code scanning users on github.com, so many teams can get the new query through existing security workflows instead of adding a separate scanner. The release also adds prompt-injection sinks for OpenAI, Anthropic, and Google GenAI SDK APIs, plus Kotlin 2.4.0 support and several query accuracy improvements.\n\nUse it for: AI app pull requests, agent backends, prompt-template libraries, Realtime session setup, and GenAI SDK integrations where user content might cross into system-level instructions.\n\nCheck before relying on it: whether your repo uses GitHub code scanning on github.com or a GitHub Enterprise Server version that includes CodeQL 2.26.0, whether the affected language pack runs in your workflow, and whether custom prompt-building helpers need extra modeling.
GitHub's CodeQL 2.26.0 adds a JavaScript and TypeScript query for system prompt injection, giving teams a static-analysi…
GitHub's refreshed pull requests dashboard is now generally available, giving developers and managers one place for revi…
CISA added two actively exploited Joomla extension upload flaws to KEV on July 10, 2026, with a July 13 remediation dead…
Sign in to join the discussion and vote on comments.
Sign in