Morning Overview on MSN

Microsoft unveiled MAI-Code-1-Flash, its first in-house model for turning written descriptions into working source code

Developers who rely on GitHub Copilot inside Visual Studio Code now have a new option built entirely by Microsoft. The ...
The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Github hacked, bidding war for source code at R1.6 million

GitHub said that it was hacked through a compromised employee device, with the hacker now selling private code on the dark web for hundreds of thousands.
InfoWorld

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.