Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

Ai2 launches family of open-source AI developer agents that adapt to any codebase

According to the Allen Institute for AI, coding agents suffer from a fundamental problem: Most are closed, expensive to train ...

Microsoft Virtual Studio Code is being targeted by North Korean hackers

The contagious interview campaign continues.
Security Boulevard

APT Attacks Target Indian Government Using GOGITTER, GITSHELLPAD, and GOSHELL | Part 1

IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...

This week in AI updates: GitHub Copilot SDK, Claude’s new constitution, and more (January 23, 2026)This week in AI updates: GitHub Copilot SDK, Claude’s new constit…

GitHub Copilot SDK allows developers to embed agentic capabilities into applications using GitHub Copilot CLI's execution ...
Analytics Insight

Fake Recruiters Linked to North Korea Hit 3,100 IPs in Global Cyber Campaign

North Korean-linked hackers have targeted more than 3,100 IP addresses tied to AI, crypto, and finance firms through fake job interviews. The campaign used frau ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...
Security Boulevard

APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP | Part 2

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...
CPO Magazine

Hackers Are Auctioning 860GB of Source Code Stolen From Target’s Development Server

Hackers have listed 860GB of private source code and assets stolen from Target’s Gitea self-hosted software development ...