GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.
Tech Times

Open Source Robotics AI Reaches Inflection Point: LeRobot Hub Surpasses 58,000 Datasets in One Year

Open source robotics AI platform LeRobot surpassed 58,000 community datasets in 2026 — 50x growth in under a year — making it the largest dataset category on Hugging Face and signaling a ...
Cryptopolitan on MSN

Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...
WinBuzzer

New DeepSWE Benchmark Puts GPT-5.5 Ahead of Claude Opus 4.7

Datacurve's new DeepSWE benchmark puts GPT-5.5 ahead of Claude and challenges older AI coding rankings by arguing verifier design can distort results.
Hosted on MSN

Python mini-projects that supercharge your skills

Small, focused Python projects are one of the fastest ways to grow your coding skills. From automating daily tasks to experimenting with AI, these mini-projects turn theory into hands-on experience.
Bleeping Computer

Trellix source code breach claimed by RansomHouse hackers

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. Yesterday, the ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
CNET

Today's NYT Mini Crossword Answers for Saturday, May 9

CNET editor Gael Fashingbauer Cooper, a journalist and pop-culture junkie, is co-author of "Whatever Happened to Pudding Pops? The Lost Toys, Tastes and Trends of the '70s and '80s," as well as "The ...