The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Electropages

Energy meter with integrated contactor control available now

Parts To You Limited now stocks the Shelly Pro EM-50 Energy Meter with Integrated Contactor Control. The device is a professional single-phase energy monitoring and remote load control in one compact ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
ProPublica

ProPublica — Investigative Journalism and News in the Public Interest

In a letter, a group of Democratic Congress members wrote that ProPublica’s reporting on the deal “reveals a staggering level of corruption and influence.” Since 2020, the state education agency has ...
Microsoft

Microsoft SQL Server downloads

Choose a SQL Server trial, edition, tool, or connector that best meets your data and workload needs. Accelerate AI development with SQL Server 2025, the AI-ready enterprise database with best-in-class ...