The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
Hackaday

Automatic Tutorial Generator Is Perhaps The Best-Case For Vibe Coding

Quick question: how did you learn to code? It probably wasn’t bribing someone a year or two ahead of you in CS to finish all ...
Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...