GitHub confirms breach — thousands of internal repositories hit after employee installs malicious VS Code extension

An archive of roughly 4,000 repositories is reportedly being offered for sale on the dark web, by threat actors known as ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...