Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

Okta Inc. has experienced a data breach in which hackers accessed some of its source code repositories, BleepingComputer reported today. Nasdaq-listed Okta provides an identity management platform ...

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.

YARMOUTH, Maine – It’s been a hard year for security at identity and access management company Okta, with its most recent data breach incident causing the company to lose its source code to threat ...

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...

Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data. Unlike many extortion groups ...

Check Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands and steal API keys through repository ...

At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain. The Octopus Scanner malware, which targets the Apache ...

The attacks started earlier today, appear to be coordinated across Git hosting services (GitHub, Bitbucket, GitLab), and it is still unclear how they are happening. What it is known is that the hacker ...

Facepalm: GitHub serves as a colossal hub for software development, hosting nearly half a billion code projects created by hundreds of millions of developers worldwide. Given its extensive reach and ...

A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 ...