PARIS, FRANCE – JUNE 04: In this photo illustration the GitHub logo is seen on the screen of an iPhone in front of a computer screen showing a Microsoft logo on June 04, 2018 in Paris, France. (Photo Illustration by Chesnot/Getty Images)
GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the…
Rep. Bennie Thompson, D-Miss., talks with reporters outside the U.S. Capitol after the last vote of the week on Friday, Jan. 9, 2026. (Tom Williams/CQ Roll Call)
Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer tools and CI pipelines.
Anthropic and OpenAI promise their latest tools will find more vulnerabilities. Cybersecurity employees say they’re already flooded with AI-generated reports.
The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.
In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)
Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.
PARIS, FRANCE – JUNE 04: In this photo illustration the GitHub logo is seen on the screen of an iPhone in front of a computer screen showing a Microsoft logo on June 04, 2018 in Paris, France. (Photo Illustration by Chesnot/Getty Images)
