ConsentFix v3 attacks target Azure with automated OAuth abuse

A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding ...
Microsoft

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments

A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud ...

How Microsoft’s GitHub just told everyone that AI agents are 'behind' recent outages: We hear the pain you are

GitHub CTO Vlad Fedorov has published a public apology after two major incidents left thousands of repositories and pull ...

ActiveState Curated Catalog Secures AI-Generated Code Across Any Development Environment

ActiveState, a global leader in trusted, managed open source software, today announced expanded support for AI-assisted development environments through the ActiveState Curated Catalog. Because the ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...
InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
Visual Studio Magazine

VS 2026 Joins VS Code with Integrated Cloud Agent: Assign a Task, Close the IDE, Get a PR

Visual Studio 2026 has further integrated GitHub Copilot's cloud agent to its Copilot Chat picker -- catching up to VS Code -- and the async workflow it enables, where a task runs on GitHub Actions ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

GitHub pivots to ‘Availability First' as AI agent surge triggers reliability crisis

After a string of frustrating outages, GitHub is finally breaking its silence on what's happening behind the scenes and its ...
Hosted on MSN

Level up your Azure DevOps pipelines for 2026

Azure DevOps pipelines in 2026 are becoming faster, smarter, and more reliable with a focus on YAML-first configurations, automation, and performance tuning. Teams can now combine streamlined ...
Holistic AI

Shadow AI Discovery: Risk Scoring, Staging & One-Click Reconciliation

Unified AI governance: discover shadow AI, prioritize risk, and reconcile assets into an audit-ready inventory across all ...