GitHub disabled 73 Microsoft repos after the Miasma worm exploited previously compromised credentials to plant malware targeting AI coding agents.

A Claude Code project template that bootstraps a complete agile development workflow with specialized AI agents, configured for Google Cloud Platform. Not on GCP ...

15 cloud scenarios. 43 merge-ready fixes. 100% loop closure. 12 minutes and $17 to author once; seconds and zero-cost ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

Abstract: Code generation is a latency-sensitive task that demands high timeliness. However, with the growing interest and inherent difficulty in repository-level code generation, most existing code ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

This repository contains a helper tool for the Hedera TSS Ceremony. It provides a containerised environment to run the ceremony software, including key management and logging. The container downloads ...

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.

Researchers say the campaign abused compromised access tokens and deploy keys to inject malicious GitHub Actions workflows ...

Hackers rewrote all Git tags across four Laravel-Lang packages, poisoning over 700 historical versions with backdoors.