New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

Across social media and forums, many Copilot users are sharing personal statistics showing how just a few hours of AI usage ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
InfoWorld

GitHub adds new Copilot features as usage-based billing takes effect

A desktop app and a new collaborative work surface could boost developer productivity, but enterprises will need stronger ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

Microsoft’s GitHub was positioned to win the AI coding race. Outages got in the way

GitHub's user base has swelled under Microsoft's ownership, but the software repository has fallen behind newer rivals in the ...

GitHub Copilot users get a rude awakening as new AI pricing goes into effect

GitHub Copilot's internal estimator suggests some users could pay hundreds more under a usage-based AI pricing model that ...
Newspoint on MSN

The AI bill is coming due: GitHub's Copilot move has startups on alert

From June 1, the code repository platform GitHub moved its Copilot AI-coding assistant from a flat subscription-based model ...

Microsoft Build decoded: Solara, Scout, AI models, GitHub’s woes and more with Mary Jo Foley

This week on the GeekWire Podcast, we break down the news from Microsoft Build from Project Solara and the Scout agentic ...
The Hacker News

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...