In early 2025, a class-action lawsuit against GitHub, Microsoft, and OpenAI over Copilot’s use of open-source training data ...

Anthropic is testing a Bug Crawl feature in Claude Code, letting users scan repositories for bugs and get fix suggestions. No ...

Building software repositories typically requires significant manual effort. Recent advances in large language model (LLM) agents have accelerated automation in software engineering (SWE). We ...

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

GitLab (GTLB) has been on a mission to prove it's more than just a code repository. And its latest moves suggest it's serious ...

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.

Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...

Check Point researchers have found that popular AI coding assistants are unintentionally leaking sensitive internal data, ...