Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines. The incident occurred on June 5, ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

A new collection of 124 million unique passwords from hundreds of millions of malware stealer log records has been confirmed ...

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Dashlane, the maker of a password manager of the same name, has shared that several users' password vaults were exposed as part of a "brute force attack." The hackers were able to download copies of ...

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.

Apple today announced that the Passwords app can now automatically update weak and compromised passwords using Apple Intelligence and Safari to take action on a user's behalf. The feature builds on ...

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.