Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Dark Reading

AI-Assisted Supply Chain Attack Targets GitHub

PRT-scan is the second campaign in recent months where a threat actor has leveraged AI for automated targeting of a ...

LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

Anthropic says no sensitive data exposed in leak of code behind Claude AI agent

Anthropic said no sensitive customer data were exposed after accidentally revealing the underlying instructions it uses to ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows across Microsoft, DataDog, and CNCF Projects

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
The Australian Financial Review

Lenders struggle to find insurance cover for mega data centre projects

New York/London | Lenders looking to fund the build-out of data centres are being put off by a lack of sufficient insurance cover, as tech companies’ huge investment in the AI sector drives up the ...

Hackers are using fake coding jobs to spread malware through GitHub

The malware at the center of it, dubbed Omnistealer by investigators, uses public blockchains not just for payments, but as ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...
Marketing

The Customer Data Conundrum: How CX Leaders Can Optimize Both Privacy and Personalization

After two years of major pivots and accelerated digital transformations, brands are taking a close look at the way they handle customer data. There's no question that the insights companies draw from ...