News

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...

GitHub’s New SpecKit Guide : The Future of AI-Assisted Software Development

Discover how GitHub's SpecKit transforms AI coding with spec-driven development, offering reliability, efficiency, and ...

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Visual Studio Magazine

GitHub Spec Kit Experiment: 'A Lot of Questions'

Microsoft has published a new post explaining GitHub Spec Kit, clarifying its experimental approach to spec-driven ...

New Github Spec-Kit Boosts Claude Code Projects With Specification-Driven Planning

Discover how GitHub’s Spec-Kit and AI integration are improving software development with smarter, spec driven, streamlined ...

OpenAI Rolls Out GPT-5-Codex, a New AI Model to Take On GitHub Copilot and Cursor

OpenAI has introduced GPT-5 Codex, a cutting-edge coding AI designed to rival GitHub Copilot and Cursor AI. With improved code generation, debugging, and context understanding, GPT-5 Codex sets a new ...

Dynatrace Joins GitHub Model Context Protocol (MCP) Registry to Accelerate AI-Powered Developer Innovation

Dynatrace (NYSE: DT), the leading AI-powered observability platform, today announced its participation in the launch of the ...
SecurityWeek

Salesloft GitHub Account Compromised Months Before Salesforce Attack

Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.