Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Business Insider

GitHub Copilot users get a rude awakening as new AI pricing goes into effect

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. GitHub Copilot warned in April that the status quo was "no longer sustainable." Now, power users of ...

Mary Jo Foley: No Copilot ‘Super App’ at Microsoft Build, but plenty of agentic fodder

Microsoft teased its rumored Copilot "Super App" at Build but didn't demo it. Longtime Microsoft watcher Mary Jo Foley ...

Microsoft Ends Claude Code Licenses As It Shifts Developers To Copilot

Microsoft ends Claude Code licenses and shifts developers to its in‑house Copilot model, signaling a strategic move toward AI ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...