GitHub Copilot's move to a token-based billing model has sparked developer backlash over unpredictable costs, highlighting the industry-wide struggle to balance AI operational costs with user pricing.
Jason··2 min read
The hacker group 'TeamPCP' successfully executed a major supply chain attack on GitHub by injecting malicious code through a poisoned VS Code extension, compromising approximately 3,800 internal repositories. The breach also affected Microsoft’s Python SDK, underscoring the severe risks third-party tools pose to corporate software security.
Kenji··2 min read
GitHub confirmed a security breach where 3,800 internal repositories were stolen via a poisoned VS Code extension. The threat group TeamPCP has claimed responsibility, highlighting critical vulnerabilities in the software supply chain.
Kenji··1 min read
GitHub confirmed that 3,800 internal repositories were compromised through a poisoned VS Code extension. The attackers are attempting to sell the code, highlighting critical vulnerabilities in developer toolchains and potential regulatory liabilities for the platform.
Kenji··2 min read
GitHub is transitioning to a usage-based billing model for Copilot users, citing the inability to continue absorbing the escalating inference costs associated with high-frequency AI usage.
Leo··1 min read
Anthropic accidentally exposed 512,000 lines of code via an npm package, creating an enterprise security crisis and triggering a controversial, error-prone DMCA takedown campaign against legitimate GitHub repositories.
Jason··2 min read