GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...
Memeburn

Microsoft Flagged Mistral AI Hack in PyPI Malware Supply Attack

Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...

Mini Shai-Hulud worm injects disk wiper into Microsoft Azure PyPI package

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...
The Hacker News

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...
techtimes

Cursor Composer 2.5 Matches Claude Opus 4.7 on Coding Benchmarks at One-Tenth Cost

Composer 2.5 is Cursor's third-generation proprietary coding agent, available exclusively inside the Cursor IDE and through the @cursor/sdk — not as a general API. Like its predecessor, it is built on ...

The First AI-Crafted Zero-Day Was Easy to Spot. The Next One May Not Be

Google reported the first confirmed AI-assisted zero-day exploit, raising new concerns about logic flaws, supply chain risk, ...
Cybernews

GitHub confirms breach after hackers put stolen source code up for sale

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a ...