Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

Mini Shai-Hulud worm injects disk wiper into Microsoft Azure PyPI package

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

Microsoft Reveals How One Hacked Identity Triggered a Massive Cloud-Wide Breach

Microsoft says Storm-2949 used one hacked identity to infiltrate cloud systems, steal sensitive data, and spread across Azure ...

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a ...