Computing

GitHub confirms major breach linked to poisoned VS Code extension

Hackers have stolen data from thousands of GitHub's internal code repositories after compromising an employee's device ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
New Scientist

NHS England rushes to hide software over AI hacking fears

National Health Service rules state that all software created with public money should be publicly available, but fears of computer-hacking AI models like Mythos have prompted a change in policy ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...
SecurityWeek

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

The TeamPCP hacking group has released the Shai-Hulud worm’s source code and is challenging miscreants to use it in attacks.
WFTV

Orlando security company finds 90% of U.S. critical infrastructure software rely on code from China

ORLANDO, Fla. — The U.S. Department of Energy reports just last year, the country saw at least five cyber-attacks to our power grids from Washington state to here on the East Coast. Florida alone was ...
Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
Forbes

The Future Of Code: How AI Is Transforming Software Development

Rupesh Dabbir is a Software Engineering Manager at Google with over a decade of experience building highly scalable systems in the cloud. The emergence of artificial intelligence (AI) is transforming ...