GitHub
VS Code Zero-Day Exposes GitHub Tokens as Supply-Chain Attacks Breach 3,800 Internal Repositories
Unpatched OAuth vulnerability allows single-click credential theft while poisoned extension compromises GitHub's own infrastructure in 18 minutes.
Longest-Running Supply Chain Poisoning Campaign Hits GitHub, 3,800 Repos Stolen
TeamPCP's self-replicating worm compromised seven waves of open-source infrastructure in nine weeks, evading every CVE scanner and provenance system in production.
CISA Exposed AWS Keys and Plaintext Passwords on GitHub for Six Months
America's cybersecurity agency left 844 MB of sensitive credentials in a public repository while its workforce shrank by a third and leadership remained vacant.
GitHub’s Metered Copilot Pricing Exposes the AI Inference Cost Crisis
Microsoft's shift from unlimited to usage-based billing admits current enterprise AI economics are fundamentally broken—and signals identical restructuring across the industry.
GitHub Reverses Developer Code Protection, Implements Opt-Out AI Training Starting April 24
Microsoft's subsidiary abandons 2021 commitment to exclude user code from Copilot training as AI profitability pressures mount and regulatory frameworks diverge.
GitHub’s Geopolitical Exposure Puts Open Source at Risk
Microsoft's ownership and US trade law compliance expose developers worldwide to sanctions and access restrictions, reviving questions about centralized code hosting.