A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
PCMag on MSN

Password manager Dashlane reveals how a hacker stole encrypted vaults

Dashlane's update about the brute-force attack reveals a notable security gap in the 'device registration' process for the ...
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and ...
Bleeping Computer

Hacker defaces spyware app’s site, dumps database and source code

A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in the United States, and leaked over a dozen archives containing ...
TechRepublic

Hacker Exposes Amazon Q Security Flaws Using Covert Code

Generative AI virtual assistant Amazon Q was unveiled by AWS CEO Adam Selipsky in 2023. Image: AWS A hacker recently injected code into Amazon Q in order to warn users of the platform’s potential ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...
CoinDesk

Iran's Nobitex Source Code Exposed Day After Hackers Steal Tokens Across Bitcoin, EVM, Ripple Networks

The pro-Israel hacker collective Gonjeshke Darande released the full source code of Iranian crypto exchange Nobitex, just a day after orchestrating a $100 million exploit across multiple blockchains ...
SiliconANGLE

GTA V source code allegedly leaked in a tribute to jailed Lapsus$ hacker

In a gift to hackers, the source code for Rockstar Games Inc.’s hit game Grand Theft Auto 5 has reportedly been leaked online. “Reportedly” is key as various sites say that it has been leaked on a ...
Ars Technica

Hacker gains admin control of Sourcegraph and gives free access to the masses

An unknown hacker gained administrative control of Sourcegraph, an AI-driven service used by developers at Uber, Reddit, Dropbox, and other companies, and used it to provide free access to resources ...