Morning Overview on MSN

An autonomous bot running on Claude Opus just chained zero-days through GitHub Actions in the wild — poisoning Go init functions and branch names to seize remot…

An autonomous AI agent built on Claude Opus reportedly chained together zero-day vulnerabilities in GitHub Actions workflows, ...
Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...

Microsoft turns its back on Claude Code, asks employees to use GitHub Copilot instead: Report

Microsoft has instructed its employees to stop using Claude Code and instead transition to GitHub Copilot. The company had ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.
CPO Magazine

Megalodon Supply Chain Attack Infects Over 5,500 GitHub Repositories with Backdoors and Stealers

A massive supply chain attack dubbed Megalodon has infected over 5,500 GitHub repositories with credential-stealing malware, ...

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...