SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
Visual Studio Magazine

Threat Actors Keep Weaponizing VS Code Extensions

Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...
TechRepublic

Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns

Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns Your email has been sent A new report from cybersecurity company Netskope reveals details about attack campaigns abusing ...
Ars Technica

Winamp deletes entire GitHub source code repo after a rocky few weeks

Winamp, through its Belgian owner Llama Group, posted the source for its “Legacy Player Code” on September 24 so that developers could “contribute their expertise, ideas, and passion to help this ...
Visual Studio Magazine

VS Code Goes Transparent as Open-Source AI Editor

According to Microsoft, the decision to open source GitHub Copilot Chat stems from a growing demand for transparency in how AI-assisted developer tools work -- particularly around prompt engineering, ...