GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, including internal source code.

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Dozens of Microsoft-owned software repositories have been taken offline following a major cyberattack linked to the rapidly ...

Developers who rely on GitHub Copilot inside Visual Studio Code now have a new option built entirely by Microsoft. The ...

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...

A massive supply chain attack dubbed Megalodon has infected over 5,500 GitHub repositories with credential-stealing malware, ...

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.

Researchers say the campaign abused compromised access tokens and deploy keys to inject malicious GitHub Actions workflows ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.