Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
Cybernews

Hackers hijack Microsoft packages to steal developer logins

Security researchers have discovered credential-stealing malware in dozens of Microsoft open-source software packages. On ...
Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

YouTuber PewDiePie Launches Free AI That Runs Privately On Your PC, Taking on Claude and ChatGPT

PewDiePie has released Odysseus, a free and open-source AI workspace that runs on a user’s own computer. The project is not a new AI model. Instead, ...
Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...
XDA Developers on MSN

Krita's AI plugins do what Photoshop charges $120 a year for, and the results surprised me

I'm not going back to Photoshop ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...
InfoWorld

GitHub adds new Copilot features as usage-based billing takes effect

A desktop app and a new collaborative work surface could boost developer productivity, but enterprises will need stronger ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...