The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
HHS

Trellix Discloses Source Code Hack

Privately-held, extended detection and response firm Trellix disclosed over the weekend that hackers found their way to its source-code repository. See Also: Know Thy Enemy: Threats to Cyber ...
Wired

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

A WIRED investigation based on Department of Homeland Security records this week revealed the identities of paramilitary Border Patrol agents who frequently used force against civilians during ...