Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
https//beincrypto.com

Buy Now, Pay Maybe Explained: Why Tuyo’s Crypto Card Faces Gambling Comparisons

Buy Now, Pay Maybe (BNPM) sounds similar to Buy Now, Pay Later (BNPL), but the risks and rewards in both work very differently. BNPL usually splits a purchase into installment payments. In contrast, ...

Don't Want to Wait for iOS 27? Shortcuts Playground From MacStories Generates Shortcuts Using AI

Apple is rumored to be adding an AI feature for creating shortcuts with natural language to the Shortcuts app in iOS 27, but ...

AI is turbocharging “wizards” on 4Chan who take orders to nudify images of women

A new ISD analysis and WIRED reporting show how 4chan users are turning nonconsensual AI nudes into a repeatable system built ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
Windows Report

VS Code Gets Remote AI Agents, HTML Preview And Terminal Optimizations

Microsoft has released VS Code 1.121 with remote AI agents, Mermaid rendering, HTML previews, and terminal optimizations.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

GitHub says a data breach impacted 3,800 internal repositories.

The company traced the incident to a “poisoned” VS Code extension on an employee’s device. While the hacking group TeamPCP has claimed responsibility for the breach, GitHub says it has since removed ...