New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

Across social media and forums, many Copilot users are sharing personal statistics showing how just a few hours of AI usage ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Microsoft’s GitHub was positioned to win the AI coding race. Outages got in the way

GitHub's user base has swelled under Microsoft's ownership, but the software repository has fallen behind newer rivals in the ...
The Hacker News

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.

GitHub Copilot users get a rude awakening as new AI pricing goes into effect

GitHub Copilot's internal estimator suggests some users could pay hundreds more under a usage-based AI pricing model that ...
Newspoint on MSN

The AI bill is coming due: GitHub's Copilot move has startups on alert

From June 1, the code repository platform GitHub moved its Copilot AI-coding assistant from a flat subscription-based model ...

Microsoft Build decoded: Solara, Scout, AI models, GitHub’s woes and more with Mary Jo Foley

This week on the GeekWire Podcast, we break down the news from Microsoft Build from Project Solara and the Scout agentic ...

GitHub just switched Copilot to metered billing, and developers are watching months of credits vanish in a single day

Back in April, the company said it would move all Copilot plans to a usage-based system that bills users based on actual AI ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...
Memeburn

Hackers Steal 3,800 GitHub Repos Through Fake VS Code Extension

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...