Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Decrypt

GitHub Confirms 3,800 Internal Repos Stolen Through Poisoned VS Code Extension

TeamPCP gained access to GitHub's private source code after an employee unknowingly installed a malicious coding tool.
CSO Online

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...
Microsoft

Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow

The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ...
Martin Cid Magazine

A poisoned VS Code extension just stole 3,800 of GitHub’s own internal repositories

GitHub disclosed that attackers used a malicious Visual Studio Code extension on an employee's laptop to exfiltrate roughly 3 ...

Yearslong fight over users’ right to tweak smart TV software heads to trial

For years, owners of Vizio smart TVs have had little control over the software running on their sets—software that can track ...