Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Game Rant

Roblox Shoot the Brainrots Codes

For over 5 years, Arthur has been professionally covering video games, writing guides and walkthroughs. His passion for video games began at age 10 in 2010 when he first played Gothic, an immersive ...
decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Add Decrypt as your preferred source to see more of our stories on Google. Microsoft researchers found that Anthropic's Claude Code GitHub Action could be manipulated through prompt injection attacks.
Microsoft

Securing CI/CD in an agentic world: Claude Code Github action case

Microsoft Threat Intelligence discovered that Anthropic’s Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted GitHub content, including issue bodies, pull ...
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible ...
National Hockey League

Jarvis' traveling party follows Hurricanes forward to Stanley Cup Final

RALEIGH, N.C.-- Seth Jarvis' traveling band of friends from Winnipeg followed him to Milan to play in the 2026 Winter Olympics for Canada, so they weren't going to miss watching the Carolina ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
MIT Technology Review

Anthropic’s Code with Claude showed off coding’s future—whether you like it or not

As tools like Claude Code get better, more and more developers are happy to hand off coding tasks to them. The way software gets built has changed for good. The vibes were strong at Code with Claude, ...
TechCrunch

GitHub says hackers stole data from thousands of internal repositories

GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said ...
Bleeping Computer

GitHub investigates internal repositories breach claimed by TeamPCP

Update May 20, 04:17 EDT: GitHub has now confirmed the breach of ~3,800 internal repositories after an employee installed a malicious VS Code extension. GitHub is investigating a breach of its ...
SecurityWeek

GitHub Confirms Hack Impacting 3,800 Internal Repositories

The TeamPCP hacking group accessed the repositories after a GitHub employee installed a poisoned VS Code extension. Microsoft-owned code-hosting platform GitHub on Wednesday morning confirmed that ...