500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
cryptopolitan

Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware

A May 11 supply chain attack affected over 170 npm and PyPI packages, including 404 malicious versions of Mistral AI, TanStack, UiPath, OpenSearch, and Guardrails AI. It’s the first documented case of ...
How-To Geek on MSN

How to use Claude as a coding tutor that tracks my progress (prompt included)

I built a coding tutor that won't let me cheat my way through it. Here's the prompt.
MUO on MSN

I switched to Linux without losing my Windows workflow — here's how WSL made that possible

I stopped choosing between Windows and Linux.