Tech Times

GitHub Copilot CLI Adds Pre-Commit Security Scanner: LLM Inference at the Detection Layer

GitHub Copilot security scanning arrives in the terminal with /security-review, an experimental pre-commit slash command that ...

Are designers the new SWEs? Figma Make's new two-way GitHub integration turns designs into live, production code — with built-in governance

From an enterprise governance perspective, this means visual AI edits are subject to the exact same continuous integration ...
SecurityWeek

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.
Tech Times

GitHub Copilot Replaces GPT-4 With Project Polaris, Ships Multi-Agent VS Code at Build

GitHub Copilot multi-agent support for VS Code launched at Microsoft Build 2026 alongside Project Polaris, an in-house AI ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
TechRadar

GitHub confirms breach — thousands of internal repositories hit after employee installs malicious VS Code extension

GitHub confirms an employee’s compromised device led to exfiltration of internal repositories via a poisoned VSCode extension Threat actors TeamPCP are selling an archive of roughly 4,000 repos on the ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
DATAQUEST

Figma Make shows how AI is blurring the line between design and code

Figma Make’s new code workflow points to a larger shift where AI is bringing design, development, and product teams closer ...
InfoWorld

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its ...
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...
Windows Report

Microsoft Launches GitHub Copilot Desktop App for Agent-Native Development

GitHub launches a new Copilot desktop app with AI agents, code review upgrades, sandboxes, and automation tools for ...

GitHub Actions outage told devs 'your account is suspended'

Following every major outage there is discussion of GitHub alternatives, with some organizations moving to self-hosted code repositories and/or CI/CD. GitHub is sticky though, par ...