GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension

GitHub has confirmed a breach involving roughly 3,800 internal repositories after an employee device was compromised through a malicious VS Code extension. The TeamPCP hacker group claims it stole internal source code and …

Infrawatch secures $3M pre-seed for internet infrastructure intelligence

London-based cybersecurity startup Infrawatch has raised $3million in a pre-seed funding round co-led by Outward VC and Triple Point Ventures, with participation from Portfolio Ventures and a group of…

Discord enables end-to-end encrypted voice and video calling for every user

Good news! Discord’s hundreds of millions of users now have their communications scrambled, so not even Discord can see them.

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.

US cyber agency CISA exposed reams of passwords and cloud keys to the open web

The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journalist Brian Krebs.

Microsoft Does U-Turn On Edge ‘By Design’ Password Vulnerability

Microsoft has confirmed a “defense-in-depth change will come to every supported version of Edge” after initially refusing to address browser password security issue.

iOS 27 AI Siri—New iPhone Feature Offers Users A Bold New Choice

Apple will give iPhone users the ability to choose whether to delete AI-Powered Siri chats in iOS 27, according to Bloomberg’s Mark Gurman. Here’s what that means.

AI is raising hell for Linux managers buried under a flood of dupe bug reports

Linus Torvalds says duplicate AI-assisted bug reports are turning Linux security work into a triage headache, showing how AI can create maintenance problems even when it finds real issues.

CRACI raises €1.4M for EU cybersecurity compliance platform

Finnish cybersecuritystartup CRACI has raised €1.4 million in pre-seed funding in a round led byLifeline Ventures, with participation from First Fellow Partners and Wave Ventures. The funding will sup…