GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
Who won?: Gemini 3.1 Pro claimed first place in a multi-AI Python debugging challenge, outperforming ChatGPT and Claude. What was tested?: The flawed script contained syntax errors, path handling ...
Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...
May the best coding AI win!
Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results