GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Glassworm Malware Campaign Uses Invisible Code To Infect Hundreds Of GitHub Repos

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...
Ministry of Testing

Coaching with code: using AI to learn how to automate tests

Leverage AI as a personalised "code coach" to bridge the gap between manual testing and automation by translating plain English into executable scripts and providing line-by-line logic explanations.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Analytics Insight

GitHub's Hottest PHP Projects You Can Try in 2026

Popular PHP repositories on GitHub help developers understand real project structure and coding practices.Frameworks, tools, ...
Decrypt

OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

Why Garry Tan’s Claude Code setup has gotten so much love, and hate

Thousands of people are trying Garry Tan's Claude Code setup, which was shared on Github. And everyone has an opinion: even ...

Over 29 million secrets were leaked on GitHub in 2025, and AI really isn't helping

This is according to GitGuardian’s latest report, the “State of Secrets Sprawl” paper that was just released. In the research ...

Fake AI Developer Tools Are Distributing Amatera and AMOS Malware

Hackers are using malvertising campaigns to disguise infostealers as AI tools.

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules.