The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

NVIDIA CEO Jensen Huang promises new 'RTX Spark' Windows on Arm chips will run every Windows app ever made

In an attempt to quell people's concerns around app compatibility with Windows on Arm, NVIDIA's CEO says that its new RTX ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...