GitHub

Drswith/vscode-json-string-code-editor

Choose from auto-detected languages Edit in a new tab with syntax highlighting Press Ctrl+S to save and sync back Note: Language detection is built into the extension and cannot be customized by users ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
The Lancet

Once-weekly semaglutide 7·2 mg in adults with obesity (STEP UP): a randomised, controlled, phase 3b trial

aFaculty of Medicine, University of Toronto, Toronto, ON, Canada bFaculty of Health and Kinesiology, York University, Toronto, ON, Canada cFaculty of Medicine, McMaster University, Hamilton, ON, ...
The New York Times

Iran Agreed to Give Up Enriched Uranium in Deal Announced by Trump, U.S. Officials Say

Precise details were unclear but the officials said the U.S. demanded a commitment from Iran on uranium as part of any initial agreement. By Julian E. Barnes Reporting from Washington One key element ...
Bleeping Computer

GitHub confirms breach of 3,800 repos via malicious VSCode extension

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...
cybernews

GitHub confirms breach after hackers put stolen source code up for sale

GitHub confirmed that attackers gained unauthorized access to its internal repositories after an employee's device was compromised through a poisoned Visual Studio Code extension. The threat actor ...
Morning Overview on MSN

The 'mini Shai-Hulud' attack hides inside AI coding agent configs — the first supply chain attack to weaponize Claude Code and VS Code as persistence vectors

On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had spread to at least 169 packages across the npm registry, the world’s ...