The Hacker News

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.
CSO Online

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its publication they should notify vendors about a bug.

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...
GitHub

JQF + Zest: Semantic Fuzzing for Java

JQF has been successful in discovering a number of bugs in widely used open-source software such as OpenJDK, Apache Maven and the Google Closure Compiler. Binary fuzzing tools like AFL and libFuzzer ...
GitHub

How to Restrict GCP Resource Access by Geographic Region Using Access Levels

Geographic access levels in GCP give you a practical way to enforce location-based access controls. By combining Access Context Manager with VPC Service Controls and Identity-Aware Proxy, you can ...