A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Guru3D

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security ...
Opinion
Morning Overview on MSNOpinion

Trellix just confirmed hackers broke into its own source code repository — exposing the cybersecurity firm’s internal systems to outside inspection

A cybersecurity company trusted to protect some of the largest networks in the country has itself been breached. Trellix, the endpoint detection and response (EDR) vendor born from the merger of ...
Business Wire

Checkmarx Expands Software Supply Chain Security with Advanced Secrets Detection and Repository Health

PARAMUS, N.J.--(BUSINESS WIRE)--With the vast majority of development teams using open source software and employing agile development, Checkmarx, the industry leader in cloud-native application ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...
VentureBeat

Atlassian Bitbucket now lets you deploy code to AWS, Microsoft Azure, DigitalOcean

Atlassian, an Australian software company preparing to go public on the NASDAQ, is announcing today that developers can now deploy code from Atlassian’s Bitbucket source code repository software onto ...
VentureBeat

GitLab acquires software chat startup Gitter, will open-source the code

GitLab, a startup that provides open source and premium source code repository software that people use to collaborate on software, is announcing today that it has acquired Gitter, a startup that ...