A new round of disclosures shows AI coding agents are failing at one core security principle: broken access control via credentials. Exploits across Codex, Claude Code, Copilot, and Vertex AI repeatedly steal OAuth or service-account tokens, then act in production without a human session binding the request. Researchers warn defenders focused on CVEs while attackers target runtime identities.
GitHub is experiencing outages as demand spikes during the AI coding boom, with unexpected pressure on systems that typically handle routine developer workflows. The disruptions highlight how rapidly automated code generation is changing usage patterns, taxing bandwidth, background jobs, and service stability. Developers may see intermittent access issues even when they are not running advanced AI tools directly.
Your news, in seconds
Get the Beige app — every story in 60 words, updated hourly. Free on iOS & Android.
Swipe through stories, personalise your feed, and save articles for later — all on the app.
