Somewhere inside GitHub, a developer installed a Visual Studio Code extension. It looked like any other productivity plugin ...

GitHub disabled 73 Microsoft repos after the Miasma worm exploited previously compromised credentials to plant malware targeting AI coding agents.

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...

A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and ...

A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.

A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house.

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

An archive of roughly 4,000 repositories is reportedly being offered for sale on the dark web, by threat actors known as ...

“It is important to keep in mind that courts have found that the mere intent to keep the document confidential is insufficient.” Recently, I met with a potential client to discuss key points that ...

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...