GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code ...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
Dark Reading

Shai-Hulud Worm Clones Spread After Code Release

The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm ...

OpenAI confirms security breach in TanStack supply chain attack

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and ...
The Hacker News

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...
InfoWorld

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary source code. An Anthropic employee accidentally exposed the entire ...