The Hacker News

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

More than 30 security flaws in AI-powered IDEs allow data leaks and remote code execution, showing major risks in modern ...
ZDNet

GitHub rolls out new Code Scanning security feature to all users

Code-hosting website GitHub is rolling out today a new security feature named Code Scanning for all users, on both paid and free accounts. GitHub says the new Code Scanning feature "helps prevent ...
Bleeping Computer

GitHub code scanning now finds more security vulnerabilities

Code hosting platform GitHub today launched new machine learning-based code scanning analysis features that will automatically discover more common security vulnerabilities before they end up in ...
The Hacker News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.
Security Boulevard

Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...
InfoQ

Git 2.39.1 Fixes Two Critical Remote Code Execution Vulnerabilities

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...
InfoWorld

Contagious Interview attackers go ‘full stack’ to fool you

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a ...

Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws

Microsoft' 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day ...