Opinion

NHS to close-source hundreds of GitHub repos over AI, security concerns

The UK's National Health Service (NHS) is ordering all of its technology leaders to temporarily wall off the organization's open source projects over concerns relating to advanced AI and Anthropic's ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
New Scientist

Backlash builds over NHS plan to hide source code from AI hacking risk

NHS England is pulling its open-source software from the internet because of fears around computer-hacking AI models like ...
Dark Reading

Trellix Source Code Breach Highlights Growing Supply Chain Threats

Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, ...

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub employees fixed a critical remote code execution vulnerability in less than six hours last month. Wiz Research used AI ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

GitHub patches critical 'git push' remote code execution bug

Microsoft-owned open source code hosting platform GitHub has acknowledged and patched a critical vulnerability that allowed ...

eScan Enterprise DLP Closes Critical GitHub Access Control Gap for Organizations

GitHub Team accounts leave enterprises exposed. eScan enforces corporate-only authentication across all GitHub tiers — ...

Microsoft finally open sources DOS 1.0 - and it's so much more than the code

Microsoft finally open sources DOS 1.0 - and it's so much more than the code ...

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository ...
Dark Reading

Reverse Engineering With AI Unearths High-Severity GitHub Bug

Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and ...

"GitHub is failing me, every single day, and it is personal": After Xbox and Windows, now GITHUB is in crisis — Microsoft, what are you doing?

One of GitHub's most staple contributors announced they are abandoning ship due to constant outages. GitHub's COO responds, ...