Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...
CRN

The Coolest Data Analytics Companies Of The 2026 Big Data 100

Part 1 of CRN’s Big Data 100 takes a look at the vendors solution providers should know in the data analytics and business ...
thearabianpost

Fake coding tests expose crypto developers

Software developers across close to 100 organisations have been targeted by a likely North Korea-linked hacking operation that used fake recruitment and code-review tasks to steal cryptocurrency, ...

Dev Configs for Windows: From fresh install to IDE in one command

With Microsoft's new Dev Configs, a Windows installation becomes a ready-to-use developer workstation with a single command – ...

Agentic AI arrives for Delphi and C++ Builder

Embarcadero has released Kai, an agentic AI assistant for RAD Studio, an IDE (integrated development environment) for Delphi ...
Martin Cid Magazine

GlassWorm hid invisible code in VS Code extensions for a year before its takedown

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...
Infosecurity Magazine

CrowdStrike, Google Take Down Glassworm Botnet

An industry effort involving CrowdStrike, Google and the Shadowserver Foundation has led to the disruption of the Glassworm botnet. Working together, the three organizations managed to simultaneously ...
DataBreachToday

GitHub Tells Self-Hosted Admins to Rotate Keys

Hacked code repository GitHub warned administrators of self-hosted git servers to rotate public encryption keys following a May 18 incident involving a poisoned VS Code extension used by an employee.

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...
Infosecurity-magazine.com

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
The Next Web

GitHub confirms hackers stole thousands of internal code repositories after employee installed a poisoned VS Code extension

GitHub confirmed that the cybercrime group TeamPCP exfiltrated roughly 3,800 internal code repositories after compromising an employee device through a poisoned VS Code extension. The Microsoft-owned ...

GitHub confirms 'hacking' attack; says: We detected and contained a compromise of an employee device involving a poisoned ...

GitHub has confirmed a cyberattack involving unauthorized access to some of its internal repositories after a threat actor claimed it had stolen and was attempting to sell company data online. In a ...