Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

GitHub has introduced the GitHub Copilot app, a desktop control centre for agent-native development that aims to keep ...

Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.

Update May 20, 04:17 EDT: GitHub has now confirmed the breach of ~3,800 internal repositories after an employee installed a malicious VS Code extension. GitHub is investigating a breach of its ...

Microsoft is adding AWS capacity to GitHub after AI-driven growth strained infrastructure and triggered a series of ...