Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoWorld

10 MCP servers to connect LLMs with databases

Use these official MCP servers to interact with the leading database platforms via natural language through your LLM-assisted ...
GitHub

Twilio Agent Connect for Microsoft

Multi-channel support (Voice + SMS + Chat) Built-in TAC tools (memory recall, knowledge search, Studio Flow handoff) Production reference deployments (Bicep + azd) for running your TAC agent on Azure: ...
techtimes

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft's official Visual Studio Marketplace for just 18 minutes on May 18 ...
Geeky Gadgets

New Open-Source Plugin Turns Complex Repositories Into Interactive Maps

Better Stack examines how the open source plugin Understand-Anything simplifies navigating complex codebases by turning repositories into interactive, queryable knowledge graphs. Combining static code ...
usaherald

Microsoft’s Sudden AI Reversal Sparks Internal Chaos as Thousands Lose Access to Popular Claude Code Tool Amid Copilot Push

Microsoft’s aggressive push into artificial intelligence has taken a dramatic turn, and thousands of employees are now caught in the middle of a growing internal shakeup that is raising serious ...
Bleeping Computer

GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack.
Infosecurity-magazine.com

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft ...
SecurityWeek

GitHub Confirms Hack Impacting 3,800 Internal Repositories

The TeamPCP hacking group accessed the repositories after a GitHub employee installed a poisoned VS Code extension. Microsoft-owned code-hosting platform GitHub on Wednesday morning confirmed that ...
GitHub

GHAS Azure DevOps Test

This is a standalone demo repo for learning GitHub Advanced Security in Azure DevOps. This repo is designed to be imported into Azure Repos before you run the pipeline. The Azure DevOps GHAS pipeline ...