A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.
Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public ...

What AI coding benchmarks still miss about software quality

Most AI coding benchmarks still ask the question: did the agent produce code that passes the current tests? This is a useful ...

OpenSSF Notes Quarter of Growth with New Members, Added AI Security Resources, and Growing Community

The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...
Visual Studio Magazine

The Rise of OpenTelemetry in Microsoft Dev Tooling

CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.

Attack on GitHub: Data from 3800 internal repositories stolen

GitHub has confirmed an attack via an extension for Visual Studio Code. The stolen data is apparently for sale on a ...
Dark Reading

CISA Exposes Secrets, Credentials in 'Private' Repo

CISA," the repo was publicly accessible online since Nov. 13, 2025. In a blog post, Valadon said he first discovered the ...
Decrypt

GitHub Confirms 3,800 Internal Repos Stolen Through Poisoned VS Code Extension

TeamPCP gained access to GitHub's private source code after an employee unknowingly installed a malicious coding tool.
Computer Weekly

Interview: How Volvo built software for a two-and-a-half-tonne moving object

Volvo Cars is the only legacy carmaker in the world rated at the highest level of software-defined vehicle capability by S&P Global Mobility. Its chief engineering and technology officer, Anders Bell, ...
techtimes

Karpathy-Inspired CLAUDE.md Passes 220,000 Combined GitHub Stars With Four Rules That Stop AI Breaking Code

With Google I/O 2026 opening Tuesday and agentic coding confirmed as a central theme, software engineers are auditing how they configure their AI coding tools. One repository has emerged as the ...