GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.

Semiconductor provider Nuvoton Technology has launched a graphical user interface (UI) tool designed specifically for machine ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.