GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...

Pervaziv AI Releases AI Code Review 2.0 GitHub Action for Repository-Wide Security Scanning and AI-Powered Remediation

New release integrates automated security scanning, AI-powered remediation, and GitHub-native workflows for enterprise ...

HiddenLayer Releases the 2026 AI Threat Landscape Report, Spotlighting the Rise of Agentic AI and the Expanding Attack Surface of Autonomous Systems

HiddenLayer, the leading AI security company protecting enterprises from adversarial machine learning and emerging AI-driven threats, today released its 2026 AI Threat Landscape Report, a ...
TMCnet

SpecterOps Expands Identity Attack Path Management to Okta, GitHub, and Mac

SpecterOps, creators of BloodHound and leader in identity Attack Path Management (APM), today announced new coverage for Okta ...

Why Garry Tan’s Claude Code setup has gotten so much love, and hate

Thousands of people are trying Garry Tan's Claude Code setup, which was shared on Github. And everyone has an opinion: even ...
TMCnet

ActiveState Launches Curated Catalogs to Neutralize Security Risks in AI-Generated Code

New private repository secures the AI-driven development boom by grounding LLMs in a library of 79 million vetted, ...

Pervaziv AI Launches Cortex 3.0 in Chrome, Edge and Firefox – World’s First Cross-Browser/IDE AI Coding & Security Agent

Cortex 3.0 delivers AI-powered code generation, vulnerability scanning, Enterprise AI & DevSecOps integrations, ...
Developer Tech

OpenAI offers free AI coding tools to open-source maintainers

Open-source projects form much of the foundation of modern software, with many systems used in the industry relying on code ...

OpenAI reportedly developing internal code repository following GitHub outages

OpenAI reportedly developing internal code repository following GitHub outages ...