GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security ...
GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.
GitHub confirms that 3,800 internal repositories were breached after a developer installed a malicious VS Code extension.
GitHub says the breach of roughly 3,800 internal repositories was tied to the wider TanStack npm supply-chain attack.
10h
GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension
GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
TeamPCP continues its attack on open source projects, now apparently asking for $50,000.
9h
OpenSSF Notes Quarter of Growth with New Members, Added AI Security Resources, and Growing Community
The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...
GitLab 19.0 extends agentic AI across the full development lifecycle with SBOM dependency scanning, Claude Opus 4.7 support, and credit-based agent pricing.
CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.
Socket raises $60M to expand AI-driven software supply chain security and protect developers from cyber threats worldwide.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results