News

Recent GitHub supply chain attack traced to leaked SpotBugs token
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen ...
Indians fastest growing developer community: GitHub COO
"Indian developers are now the second-largest contributors to public generative AI projects-up 79% from last year. They're ...
SecurityWeek8d
Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.
GitHub is adding one million developers in India every 3 months: COO Kyle Daigle
Student education will be a big focus area for GitHub in India, Daigle said. This includes helping high school and university ...
The Hacker News5d
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.
Fake Microsoft Office add-in tools push malware via SourceForge
Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims' computers to both ...
Hackers use SourceForge to spread crypto malware disguised as Microsoft Office tools
A SourceForge malware campaign has infected over 4,600 users with crypto-mining and ClipBanker tools disguised as Microsoft ...
InfoWorld2d
DSPy: An open-source framework for LLM-powered applications
DSPy shifts the paradigm for interacting with models from prompt hacking to high-level programming, making LLM applications ...
GitHub COO Kyle Daigle on 'vibe coding' and why one should still learn to code in the AI era
In an interview, GitHub COO Kyle Daigle also spoke about what’s next for the Microsoft-owned developer platform and the ...
InfoWorld3d
AI will require more software developers, not fewer
Data show AI assistants make it significantly faster and easier to develop software, spurring companies to tackle more ...