2025-04-15
8 分钟What up, nerds?
I'm Jared, and this is Changelog News for the week of Monday, April 14th, 2025.
Security researchers have discovered a way that hackers might weaponize GitHub Copilot and Cursor to insert malicious code that might bypass typical code reviews,
calling it virtually invisible to developers and security teams.
So your most trusted coding assistant could also be an unwitting accomplice to some particularly gnarly attacks.
Is it time to update the old adage?
Keep your friends close and your enemies closer, but your AIs closest.
Okay, let's get into the news.
Google's new protocol has AI agents talking.
If our agentic future is to someday arrive,
we're going to need a way for my agent to call your agent so we can do lunch.
Google thinks they've developed a good way of achieving that with their A2A protocol.
It's, quote,
a collaborative way to help agents across different ecosystems communicate with each other.
Google is driving this open protocol initiative for the industry
because we believe this protocol will be critical to support multi-agent communication by giving your agents a common language irrespective of the framework or vendor they are built on,
end quote.
They have more than 50 technology partners agreeing to work together to further develop this protocol,
and they see it as complementary to MCP, not in competition with it.
According to Google, MCP provides helpful tools and context to agents,