CSO Online

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...
The Hacker News

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

LofyGang resurfaces with LofyStealer disguised as Minecraft hack, exfiltrating IBANs and passwords to 24.152.36[.]241, ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

GitHub patches critical 'git push' remote code execution bug

Microsoft-owned open source code hosting platform GitHub has acknowledged and patched a critical vulnerability that allowed ...
Cryptopolitan on MSN

Hacker target the OpenVSX ecosystem to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
Visual Studio Magazine

Visual Studio 2026 Gives IntelliSense Priority in Longstanding Copilot Completion Clash

The April update suppresses Copilot completions while IntelliSense is active, addressing a long-running editor conflict.
Cybernews

Expect more prompt injection attacks on your AI agent, Google warns

Google warns prompt injection attacks are 32% up as hackers target GitHub Copilot, Claude and AI agents with $5,000 PayPal ...
InfoQ

GitHub Targets Large Merge Problem with Stacked PRs

GitHub has launched a native stacked pull request workflow through a new CLI extension called gh-stack, closing a gap that ...

What to know about how a suspect in the killing of 2 Florida students used ChatGPT

Prosecutors have revealed that a suspect in the deaths of two University of South Florida students asked ChatGPT about body ...