GitHub Copilot Agentic Harness & Curl Patches 25-Year-Old Bug & Chrome 149 Fixes 18 Vulnerabilities

AI Coding Tools

• GitHub Copilot agentic harness demonstrates strong performance and token efficiency across multiple benchmarks and tasks. Read more
• JetBrains Rider adds a performance-profiling agent skill to help AI agents identify real bottlenecks in freezing apps, moving beyond surface-level diagnostics. Read more
• Qoder agentic AI coding platform now available as an IntelliJ IDEs plugin, combining enhanced context engineering with intelligent agents for real software development workflows. Read more
• Cursor acquired by SpaceX-backed Anysphere in a reported $60 billion all-stock deal, signaling major consolidation in AI-powered dev tools. Read more

Languages & Runtimes

• Curl releases patch for CVE-2026-8932, a 25-year-old mTLS connection reuse vulnerability introduced in version 7.7 (March 2001) that could enable authentication bypass in libcurl applications. Patch also addresses CVE-2026-8926 (credential confusion), CVE-2026-8925 (double-free), CVE-2026-9080 and CVE-2026-10536 (use-after-free), and CVE-2026-9547 (improper host validation)—the highest number of CVEs patched in a single curl update. Read more
• OpenAI unveils Jalapeño, its first custom inference processor designed with Broadcom, expanding its full-stack platform from products to models to infrastructure for scaling AI deployments. Read more

Browser & Web Platform

• Chrome 149 rolls out with 18 security patches including 4 critical and 14 high-severity flaws; more than half are use-after-free vulnerabilities that could enable remote code execution. Available as versions 149.0.7827.196/197 for Windows/macOS and 149.0.7827.196 for Linux. Read more

DevOps & Cloud

• Amazon Aurora PostgreSQL now supports pgvector in production, enabling vector similarity search for AI/ML workloads at scale with managed infrastructure. Read more
• CVE-2026-49980 in Rclone (versions 1.46.0 to 1.74.3) affects the command-line cloud storage sync tool; update to 1.74.3+ for a fix. Read more

Databases & Data

• MongoDB Atlas celebrates 10 years as a managed cloud database, now positioning itself as an AI-ready platform for next-generation applications. Read more
• ClickHouse releases Silk, an open-source C++ fiber runtime combining NUMA-aware work-stealing scheduling, io_uring I/O, and zero-heap allocation for optimized performance. Read more
• ClickHouse 26.6 released June 25 with performance and feature improvements; also launches managed Postgres service for unified transaction and analytics workloads. Read more
• MongoDB Node.js Driver 7.4.0 released with explicit resource management support for improved connection and resource handling. Read more

Security

• GitLab CE/EE patches code execution vulnerability CVE-2026-12051 (SAML integration), XSS flaw CVE-2026-10712 (Web IDE workbench), and information disclosure CVE-2026-12053 (Duo Workflows insufficient filtering), plus seven medium-severity issues. Read more
• Microsoft extends free Windows 10 Extended Security Updates (ESU) program for consumers to October 12, 2027—a full year beyond the original October 2026 deadline—reflecting slow Windows 11 adoption. Read more
• CVE-2026-53250 in Linux kernel: xsk module caches csum_start/csum_offset to fix TOCTOU race condition in xsk_skb_metadata(). Read more

Dev Tools & IDEs

• Junie MCP Installation Assistant (JetBrains) provides AI-guided setup for adding MCP servers, streamlining configuration complexity. Read more
• Warp terminal releases guide on building cloud software factories using automatic triage skills, enabling infrastructure-as-code automation for teams. Read more