GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...
How-To Geek on MSN

I asked three AI models to fix the same broken code. One outperformed the rest

May the best coding AI win!

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
How-To Geek on MSN

This AI coding assistant changed how I use VS Code, and I can't go back

I stopped Googling error messages after building this VS Code AI assistant—and it supercharged my programming.
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
Dark Reading

Hackers Use AI for Exploit Development, Attack Automation

Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate ...

What's a coding course for in the age of AI? Maybe not learning to write it

Now, it's an open question: Is there still a value in learning how to code?
SecurityWeek

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...

7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold out7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold ...

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about Edge browser handling passwords in plaintext, JDownloader getting hacked, and the TAB key.