Tech Times

VS Code Agents Hit Stable: Air-Gapped BYOK Unlocks Enterprise AI Coding

VS Code agents are now in Stable preview, and the 1.122 update removed the GitHub OAuth requirement from BYOK, letting defense, healthcare, and finance developers run fully air-gapped AI-assisted ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
WinBuzzer

VS Code Exploit Can Steal GitHub Tokens via github.dev

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.
comparethecloud.net

GitHub VSCode extension breach exposes developer toolchain as a primary attack surface

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by millions of developers daily. The incident is the latest in a pattern of ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
TechCrunch

GitHub says hackers stole data from thousands of internal repositories

GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said ...
Bleeping Computer

GitHub confirms breach of 3,800 repos via malicious VSCode extension

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...
cybernews

GitHub confirms breach after hackers put stolen source code up for sale

GitHub confirmed that attackers gained unauthorized access to its internal repositories after an employee's device was compromised through a poisoned Visual Studio Code extension. The threat actor ...
TheServerSide

Full Git and GitHub tutorial for beginners

Git isn't hard to learn, and when you combine Git and GitHub, you've just made the learning process significantly easier. This two-hour Git and GitHub video tutorial shows you how to get started with ...
TheServerSide

How to use GitHub Copilot tutorial

Imagine having a coding partner at your side who knows more languages than you, fully comprehends all the technical documentation, completely understands your codebase and is willing to do all the low ...
Visual Studio Magazine

Hands On with Microsoft's New VS Code Agents Preview -- Now in Insiders

Visual Studio Code Agents ships with VS Code Insiders, launches separately from the editor, and starts with its own sign-in, workspace selection, trust, and approval flow. In a real editorial ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...