The GitHub hack was one plugin away from being your problem too

An infected VS Code extension compromised around 3,800 repositories owned by GitHub. And that's something that all developers ...
Morning Overview on MSN

GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee ...

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...

Git is unprepared for the AI coding tsunami

Perhaps most notable is Jujutsu, a Git-compatible distributed version control system, stewarded by Google senior software ...
InfoWorld

GitHub scales back bug bounties, reminds users security is their responsibility too

The cloud code repository asks security researchers to cut out the AI-generated noise and focus on reporting security ...