In collaboration with Google and the Shadowserver Foundation, CrowdStrike Counter Adversary Operations team struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing ...

A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...

Gamers looking to grab some spooky titles for free are in luck, as there are currently two PC horror games they can claim and keep at no cost.

The best code editor might actually be your best everything editor.

Discover the top 12 tools in 2026, from Cursor to Copilot, to speed up daily dev workflows and build apps faster!

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate on human and agent reviews. Visual Studio Code 1.115, the latest release of ...

Sign of the times: An AI agent autonomously wrote and published a personalized attack article against an open-source software maintainer after he rejected its code contribution. It might be the first ...