Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
InfoWorld

Visual Studio Code previews chat customizations editor

Just-released Version 1.113 of Microsoft’s Visual Studio Code editor emphasizes improvements ranging from chat customizations ...
InfoWorld

Claude Code AI tool getting auto mode

Anthropic is fitting its Claude Code AI-powered coding assistant with an auto mode for the Claude AI assistant to handle ...
TechBooky

GitHub Expands AI Security Detections Across More Languages

GitHub is adding AI-powered security detections to its Code Security offering, aiming to catch more vulnerabilities across a ...

New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack

A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...