GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
GovInfoSecurity

GitHub Tells Self-Hosted Admins to Rotate Keys

Hacked code repository GitHub warned administrators of self-hosted git servers to rotate public encryption keys following a ...

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
InfoQ

Rise of Python, Generative AI, and Global Developer Communities: Insights from GitHub Octoverse 2024

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Geeky Gadgets

Python Overtakes JavaScript: The New King of GitHub

The software development landscape in 2024 is experiencing a profound shift, primarily driven by the integration of artificial intelligence (AI). Contrary to fears of job displacement, AI is actually ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.