Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

Hackers infiltrated Microsoft's open-source projects on GitHub, embedding password-stealing malware into the code, prompting ...

GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, including internal source code.

A massive supply chain attack dubbed Megalodon has infected over 5,500 GitHub repositories with credential-stealing malware, ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Developers who rely on GitHub Copilot inside Visual Studio Code now have a new option built entirely by Microsoft. The ...

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...