GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...

Hackers exfiltrated roughly 3,800 of GitHub Inc.’s internal code repositories after one of its employees installed a poisoned Visual Studio Code extension, the Microsoft Corp.-owned developer platform ...

Key details are still missing, but Trellix says it found no evidence of source code release or distribution process being affected.

On May 11, 2026, several TanStack packages on npm were briefly replaced with malicious versions, raising fresh concerns about how attackers can use trusted open-source software to reach developer ...

On May 19 GitHub confirmed the security breach across its social media channels, verifying that there was unauthorized access to internal repositories and stating that it was monitoring the situation ...

A popular developer of open source analytics software has revealed that a recent data breach and extortion incident was ...

Cybersecurity vendor Trellix published a terse statement last Friday, disclosing that a threat actor recently gained unauthorized access to "a portion of our source code repository." Trellix did not ...