Bleeping Computer

LofyGang hackers built a credential-stealing enterprise on Discord, NPM

The 'LofyGang' threat actors have created a credential-stealing enterprise by distributing 200 malicious packages and fake hacking tools on code hosting platforms, such as NPM and GitHub. Researchers ...
CoinDesk

Hackers Are Using Fake GitHub Code to Steal Your Bitcoin: Kaspersky

The GitHub code you use to build a trendy application or patch existing bugs might just be used to steal your bitcoin BTC $93,235.03 or other crypto holdings, according to a Kaspersky report. GitHub ...
CSOonline

GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos

Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising fresh alarms for OSS supply chain security. A threat group dubbed “Banana ...
ZDNet

GitHub's new Agent HQ gives devs a command center for all their AI tools - why this is a huge deal

GitHub launches Agent HQ to unite Codex, Claude, and Jules. Developers can now manage multiple AI agents side by side. Mission Control gives coders one command center for all AI tools. Today, at ...