GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Hackers claim to be selling Dynatrace GitHub data, including source code, employee details, and infrastructure information.

Security researchers say 5,500 GitHub repositories have been affected by the attack.

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...

After years of trying to educate developers to use pull_request_target securely, the platform finally implements stronger ...

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...

Documentation startup Mintlify says dozens of customers had GitHub tokens exposed in a data breach at the start of the month and publicly disclosed last week. Mintlify helps developers create ...

GitHub has introduced the GitHub Copilot app, a desktop control centre for agent-native development that aims to keep ...

According to Microsoft, the decision to open source GitHub Copilot Chat stems from a growing demand for transparency in how AI-assisted developer tools work -- particularly around prompt engineering, ...