The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

GitHub Hack Scare: Attackers Claim They Stole Internal Source Code, Thousands of Private Repositories Now Up for Sale

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, including internal source code.
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...
Android

Target Hack Claims Surface as Source Code Allegedly Listed for Sale Online

Hackers claim to be selling internal Target source code after posting samples online. The data allegedly includes developer files and system tools of a US retailer. This raises concerns about ...
Hosted on MSN

Nobitex source code leaked after $100M hack by pro-Israel group

Hackers behind a $100 million exploit of Iranian cryptocurrency exchange Nobitex released the platform’s full source code, placing remaining user assets at risk. Nobitex exchange was hacked for at ...

Trellix confirms data breach after hack of 'a portion' of its source code

Key details are still missing, but Trellix says it found no evidence of source code release or distribution process being affected.