The GitHub hack shows how one poisoned VS Code extension gave attackers access to 3,800 internal repositories. If you rely on third-party developer tools, this breach is a warning to audit your ...

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...

Make password management as easy (and helpful) as possible. Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the ...

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to ...

Apps from Apple, Google and others can assist in making your online accounts more secure, even as new ways of logging in continue to take off. By J. D. Biersdorfer J.D. Biersdorfer writes about how to ...

The malware, built to look like Minecraft launchers and mods, gives hackers access to your screen, files, webcam, accounts, ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. In a post on a hacker forum, the threat actor is asking $25,000 for a set ...