Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and ...

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer soon. The Microsoft-owned platform has confirmed that it is investigating ...

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, including internal source code.

Drowning in AI-generated code isn't progress — it's an operational bottleneck that burns out your best senior engineers on ...