Microsoft has announced the limited public preview of Copilot Autofix for GitHub Advanced Security for Azure DevOps, ...
Stop coding without these extensions ...
A new report in Security Week warns about a cyberattack that infected 5,561 GitHub open-source repositories with malware. Cybersecurity researchers at SafeDep detailed how the May 18 supply chain ...
This blogpost covers newly discovered activities attributed to FrostyNeighbor, targeting governmental organizations in Ukraine. FrostyNeighbor has been running continual cyberoperations, changing and ...
The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are becoming a new software supply chain attack vector. A malicious Hugging ...
I'd like to thank my coauthors Adrian Schipor, Victor Vrabie, Marius Baciu, and Martin Zugec for their invaluable contributions to this research. This research provides a direct look at the new ...
Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical assessment materials.
Generative Pre-trained Transformer (GPT) models, which are large language models based on the transformer architecture, have enabled natural-language interaction with humans. GPT models have ...
Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...
Ubuntu 25.10 releases on October 9th, and the ‘Questing Quokka’ (that’s the codename) doesn’t travel light — its knapsack is filled with new features. There are foundational changes that boost the ...
Hackers have contaminated the Open VSX marketplace, which is used by millions of developers, with malware that steals cryptocurrency, credentials, and other sensitive data. The latest wave of ...