In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...

Composer 2.5 is Cursor's third-generation proprietary coding agent, available exclusively inside the Cursor IDE and through the @cursor/sdk — not as a general API. Like its predecessor, it is built on ...

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a ...

GitHub has confirmed that it is investigating unauthorized access to some of its internal repositories. The company shared ...

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...

GitHub confirmed an attacker was able to access its internal repositories after a code extension breach, with TeamPCP ...