A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Visual Studio Magazine

The Rise of OpenTelemetry in Microsoft Dev Tooling

CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and ...
Spiceworks on MSN

Did AI write the worm that breached GitHub’s own house?

A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...

Microsoft’s GitHub was positioned to win the AI coding race. Outages got in the way

GitHub's user base has swelled under Microsoft's ownership, but the software repository has fallen behind newer rivals in the ...
Redmondmag.com

Microsoft Disrupts Fox Tempest Malware-Signing Service Used in Ransomware Attacks

Microsoft has disrupted a cybercrime service that allegedly helped ransomware operators and other attackers make malware appear as verified software, the company said last week.