ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...
CPO Magazine

Hackers Are Auctioning 860GB of Source Code Stolen From Target’s Development Server

Hackers have listed 860GB of private source code and assets stolen from Target’s Gitea self-hosted software development ...

Microsoft to its software engineers: Use both Claude Code and GitHub Copilot, give...

Microsoft is now having thousands of its software engineers test Anthropic's Claude Code alongside its own GitHub Copilot. This move signals growing confidence in AI coding tools, with even ...

Claude Code is suddenly everywhere inside Microsoft

Microsoft first started adopting Anthropic’s Claude Sonnet 4 model inside its developer division in June last year, before ...
Cryptopolitan

North Korean hackers hit 3,100+ IP addresses linked to AI, crypto, and finance using fake job interviews

North Korean-linked hackers targeted more than 3,100 IP addresses tied to AI, crypto, and finance firms using fake job ...
Visual Studio Magazine

Copilot Studio Extension for VS Code Goes GA

Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

Kilo launches AI-powered Slack bot that ships code from a chat message

Kilo Code, an open-source AI coding startup backed by GitLab cofounder Sid Sijbrandij, launched Kilo for Slack to turn Slack ...
InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
Bleeping Computer

Target's dev server offline after hackers claim to steal source code

Update, Jan 13th, 2026: Multiple Target employees have now confirmed in our follow-up report the authenticity of leaked source code sample set and shared internal announcements regarding an access ...