A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Marin Independent Journal

Editorial: Huffman best in race for congressional primary’s top two

As Rep. Jared Huffman seeks his eighth term in Congress, he faces the challenge of campaigning in a newly drawn district and a host of challengers. Since he was first elected in 2012, Huffman’s ...
PC World

GitHub Copilot’s price shakeup could end cheap AI coding as we know it

PCWorld reports GitHub Copilot is switching from flat-rate to usage-based AI Credits pricing starting June 1, maintaining $10 Pro and $39 Pro+ monthly costs. This change addresses unsustainable ...
The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Summary: Lovable, the $6.6 billion vibe coding platform with eight million users, has faced three documented security incidents exposing source code, database credentials, and thousands of user ...
The Next Web

GitHub freezes new Copilot sign-ups as agentic AI breaks the economics of flat-rate developer subscriptions

Agentic coding workflows are now routinely generating costs that exceed what users pay per month. GitHub’s response, pausing new sign-ups for Pro, Pro+, and Student plans and tightening usage caps, ...
USA Today

What is dynamic pricing at grocery stores? Maryland now bans it

Maryland has become the first state in the U.S. to ban stores from engaging in dynamic pricing, a controversial practice gaining traction at retailers nationwide. Gov. Wes Moore first introduced the ...
Deadline.com

‘Doc’ Actor Leaving As Series Regular, Felicity Huffman & Recurring Cast Member Exit As Blair Underwood Joins & Scott Wolf May Be Back (Again)

(L-R) Charlotte Fountain-Jardim, Omar Metwally, Patrick Walker, Felicity Huffman, Molly Parker, Jon Ecker, Anya Banerjee, and Amirah Vann Fox SPOILER ALERT: The story includes details about the ...
InfoQ

Dynamic Languages Faster and Cheaper in 13-Language Claude Code Benchmark

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
GitHub

dahuffman - Python Module for Huffman Encoding and Decoding

dahuffman is a pure Python module for Huffman encoding and decoding, commonly used for lossless data compression. The name of the module refers to the full name of the inventor of the Huffman code ...
Bleeping Computer

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...