Microsoft

Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence discovered that Anthropic’s Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted GitHub content, including issue bodies, pull ...
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub ...
Infosecurity-magazine.com

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
TechCrunch

GitHub says hackers stole data from thousands of internal repositories

GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said ...
The Hacker News

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal ...
Nature

From EEG signals to quantitative assessment: predicting depression severity using a novel deep learning framework

We are providing an unedited version of this manuscript to give early access to its findings. Before final publication, the manuscript will undergo further editing. Please note there may be errors ...
winbuzzer.com

Microsoft Shifts Engineers from Claude Code to GitHub Copilot CLI

Microsoft appears to be winding down Claude Code inside its Experiences + Devices organization and is moving engineers across Windows, Microsoft 365, Outlook, Teams, and Surface onto GitHub Copilot ...
The Verge

Microsoft starts canceling Claude Code licenses

Thousands of Microsoft developers will use GitHub Copilot CLI instead Thousands of Microsoft developers will use GitHub Copilot CLI instead is a senior correspondent and author of Notepad, who has ...
The Verge

GitHub rushed to fix a critical vulnerability in less than six hours

A critical remote code execution vulnerability was discovered using an AI model and patched within hours. A critical remote code execution vulnerability was discovered using an AI model and patched ...
Visual Studio Magazine

VS 2026 Joins VS Code with Integrated Cloud Agent: Assign a Task, Close the IDE, Get a PR

Visual Studio 2026 now surfaces a "Cloud" option in the Copilot Chat agent picker, bringing it in line with VS Code, which has offered cloud agent delegation for longer. The cloud agent runs on GitHub ...