The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

Open-source software unlocks rapid DNA structure generation and analysis in one workflow

Computational chemists at the University of Amsterdam's Van 't Hoff Institute for Molecular Sciences have developed a ...
TMCnet

dltHub Named 2026 Snowflake Startup Program Product Partner of the Year

SAN FRANCISCO, June 3, 2026 /PRNewswire/ -- dltHub, the company behind the open-source Python library dlt and the agentic ...

OpenAI extends Codex with productivity tools for nontechnical users

Codex’s new plugin collection is rounded out by two extensions for salespeople and data science teams. Both can automate data ...
diginomica

Determinism all the way down – how UiPath's market bet and the engine beneath it turn out to be the same idea

UiPath cofounder and CEO Daniel Dines goes deep on the machinery under the platform – the Temporal engine that lets an ...
Biometric Update

Notre Dame researchers release open-source iris recognition tools built for NIST testing

The work addresses a gap in biometric testing, as NIST’s IREX has focused primarily on closed-source commercial iris ...
Tech Times

AI vs AI Cybersecurity: Sysdig Documents First LLM-Agent Intrusion in the Wild

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...
Martin Cid Magazine

GlassWorm hid invisible code in VS Code extensions for a year before its takedown

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...
InfoWorld

IBM and Red Hat want to become the ‘security clearinghouse’ for open source applications in the enterprise

The $5 billion Project Lightwell initiative combines AI systems with 20,000 engineers to deliver validated fixes directly ...

CrowdStrike takes down major botnet targeting developers across the world

The Glassworm botnet is no more, thanks to coordinated efforts between CrowdStrike, Google, and the Shadowserver Foundation.
Computer Weekly

Glassworm botnet that targeted OS devs smashed to pieces

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...
The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.