GitHub developers targeted by fake VS Code alerts spreading malware

Cybercriminals are tricking GitHub into sending out fraudulent email notifications, luring software developers into downloading malware, experts have warned. Security researchers at Socket said they observed a large-scale, coordinated spam campaign targeting developers on various projects. GitHub has a section …

Over 29 million secrets were leaked on GitHub in 2025, and AI really isn’t helping

Vibe-coding may seem great for quickly shipping products, but inexperienced developers are leaving gaping cybersecurity holes that are causing breaches and exposures left and right. This is according to GitGuardian’s latest report, the “State of Secrets Sprawl” paper that was …

Anthropic ditches its core safety promise in the middle of an AI red line fight with the Pentagon

Anthropic, a company founded by OpenAI exiles worried about the dangers of AI, is loosening its core safety principle in response to competition. Instead of self-imposed guardrails constraining its development of AI models, Anthropic is adopting a nonbinding safety framework …

Malicious Microsoft VSCode AI extensions might have hit over 1.5 million users

More than 1.5 million people may have had their sensitive data exfiltrated to Chinese hackers through two malicious extensions found on the VSCode Marketplace. Security researchers at Koi Security said they discovered two malicious browser extensions in Microsoft’s Visual Studio …

From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers

On December 8, 2025, Koi.ai published their findings about a campaign specifically targeting software developers through weaponized Visual Studio Code extensions. Here, Trend Micro will provide a more in-depth analysis of the multistage delivery of the Evelyn information stealer. Evelyn …

New macOS malware chain could cause a major security headache

North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned. Security researchers Jamf confirmed they have spotted attacks in the wild …

Spyware maker NSO Group confirms acquisition by US investors

Israeli spyware maker NSO Group has confirmed to TechCrunch that a U.S. investment group has acquired the company. NSO spokesperson Oded Hershowitz told TechCrunch on Friday that “an American investment group has invested tens of millions of dollars in the …

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

Google Threat Intelligence Group (GTIG) is tracking BRICKSTORM malware activity, which is being used to maintain persistent access to victim organizations in the United States. Since March 2025, Mandiant Consulting has responded to intrusions across a range of industry verticals, …

Jaw-dropping security flaws found in open source code could allow hackers to spirit away entire projects

Experts have revealed several critical vulnerabilities in GitHub Actions workflows which could pose serious risks to some major open source projects. A recent investigation by Sysdig’s Threat Research Team (TRT) has exposed how misconfigurations, particularly involving the pull_request_target trigger, could …

More than 3 million records, 12TB of data exposed in major app builder breach

Millions of records containing sensitive, personally identifiable information were sitting online in yet another unencrypted, non-password-protected database, experts have warned. Found by security researcher Jeremiah Fowler, who discovered and reported his findings to vpnMentor, the database contained 3,637,107 records, and …