Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
InfoWorld

GitHub shifts Copilot to usage-based billing, signaling a new cost model for enterprise AI tools

The move reflects rising compute demands and agentic workflows, requiring CIOs to rethink budgeting and governance.

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub employees fixed a critical remote code execution vulnerability in less than six hours last month. Wiz Research used AI ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
Windows Report

GitHub Patches Severe RCE Flaw Impacting Enterprise Server Deployments

GitHub patched critical RCE flaw CVE-2026-3854 in hours, preventing potential repo takeover and enterprise server compromise.
TechJuice

SAP npm Packages Compromised in Mini Shai-Hulud Supply Chain Attack

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

GitHub Copilot shifts to usage-based pricing June 1 - why that's no surprise

Under the new approach, if you run out of credits, you can't use the service. GitHub plans to preview the new billing in ...
Windows Report

GitHub Puts "Availability First" as It Rethinks Scaling Priorities Following Recent Outages

GitHub outlines new plan after outages, prioritizing availability, scaling capacity, and improving reliability as AI-powered ...
Visual Studio Magazine

VS Code Curbs Token Use Ahead of Copilot's Controversial Usage-Based Billing Switch

Just two days after GitHub announced usage-based billing for Copilot, Microsoft shipped VS Code 1.118 -- under its new weekly release cadence -- with significant token efficiency improvements designed ...

Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

Anthropic’s Powerful New Cybersecurity Tool Is Designed to Find Vulnerabilities in Your Code—and Patch Them

According to Anthropic, Claude Security is intended for security teams and was initially released in research preview as ...

GitHub Copilot to Move to Usage-Based Billing on June 1

One week after confirming that GitHub Copilot will move to a usage-based billing model, Microsoft has set a date for the ...