TeamPCP continues its attack on open source projects, now apparently asking for $50,000.

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...

Visual Studio Code 1.121 focuses on agent workflows, model configuration, terminal behavior and built-in preview features -- and features another update to Claude Code functionality.

Casablanca — GitHub said Tuesday night that hackers breached the open source code platform through a malicious extension for VSCode, the Microsoft-owned code editor used by many developers. The group ...

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by ...

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

In collaboration with Google and the Shadowserver Foundation, CrowdStrike Counter Adversary Operations team struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing ...

GitHub said hackers broke into an employee’s device using a vulnerability in an extension to Microsoft's VSCode application. Hackers broke into GitHub’s internal systems and stole data from thousands ...