PeopleSoft vulnerability mitigated by Oracle this week has been exploited by ShinyHunters as a zero-day to steal data from ...

A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.

VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.

Oracle has issued an out-of-band patch for a remote code execution (RCE) zero-day vulnerability affecting its PeopleSoft Enterprise PeopleTools product that is being exploited in a rapidly-spreading ...

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security risks surrounding modern development environments. According to published ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...

GitHub confirms an employee’s compromised device led to exfiltration of internal repositories via a poisoned VSCode extension Threat actors TeamPCP are selling an archive of roughly 4,000 repos on the ...