Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...
Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
Anthropic executives said it was an accident and retracted the bulk of the takedown notices.
Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...
The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading ...
The Red Sun vulnerability repository. Contribute to Nightmare-Eclipse/RedSun development by creating an account on GitHub.
Users of GitHub's command-line interface (CLI) who value privacy, beware. The Microsoft-owned code-hosting platform has quietly begun collecting pseudonymous client-side telemetry from CLI users and ...
Discover the key differences between Claude cloud-based Ultra Plan and the highly detailed local Superpowers tool.
GitHub is hardening Actions with deterministic dependencies, scoped secrets, and policy controls. Teams still need immediate ...
What should have been a routine release has revealed some of the features Anthropic has been working on for Claude Code. As reported by Ars Technica, The Verge and others, after the company released ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results