Infosecurity Magazine

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
Bleeping Computer

Hackers can use GitHub Codespaces to host and deliver malware

Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to ...
Diginomica

Duolingo uses Codespaces and Tailscale for secure remote development

Since language learning app Duolingo launched back in 2012, all its coding was done locally on engineer laptops or desktops. There were a few problems with this approach. Firstly, when new developers ...
ZDNet

GitHub expands teacher access to Codespaces in Global Campus

Teachers who join GitHub's Global Campus and use GitHub Classroom will now get free access to the browser-based Codespaces integrated development environment, the code hosting platform said in a ...