GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a ...
Infosecurity Magazine

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...

GitHub investigating cyberattack linked to malicious VS Code extension and leaked internal repositories

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

The Secret to Unlocking Unlimited AI Coding on Your Local Machine

Set up local AI coding workflows using Codex and Ollama to build, edit, and review software without cloud subscriptions.
The Hacker News

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...
Decrypt

OpenAI Confirms Security Breach Linked to AI Malware Campaign

OpenAI says malware tied to the Shai-Hulud supply chain attack accessed internal repositories after infecting two employee ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

News Roundup: May 12, 2026 — Secure Code Warrior, NetSPI, Claude/AWS, Sembi

Secure Code Warrior collaborating with AWS, launches Amazon Bedrock AI Learning Modules. Secure Code Warrior announced it has ...
Tech Wire Asia

Google says hackers are using AI to find zero-days and build malware

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...
cryptopolitan

Fake OpenAI repo hits 244K downloads, ships crypto wallet stealer

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...