Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS ...
PCMag on MSN

Hackers infiltrate GitHub by compromising employee device

GitHub traced the breach to a malicious version of a Visual Studio Code extension, underscoring the threat of hackers ...

Hackers breach GitHub and access 3,800 internal repositories now listed for sale

GitHub has said it found about 3,800 internal repositories accessed in the breach and stressed that these contained its own code rather than customer projects. The ...
Tech Times

Floci Tops 10,000 GitHub Stars as Free, MIT-Licensed AWS Emulator Fills LocalStack’s $39/Month Paywall Gap

Thousands of software development teams whose CI/CD pipelines depended on LocalStack’s free community edition lost access to ...