Developer Security

The Extension Blind Spot: How One VS Code Plugin Gave Attackers GitHub's Source Code

The Extension Blind Spot: How One VS Code Plugin Gave Attackers GitHub’s Source Code

| | Cybersecurity, Developer Security, GitHub Breach, supply chain
GitHub's 3,800 Repositories Stolen Through a Single IDE Extension On May 19, 2026, a single VS Code extension on a single employee's device gave attackers access to 3,800 of GitHub's internal repositories ...
Security, Decoded: Insights from Suzu Labs
Google, Wiz, Cnapp, Exabeam, CNAPP, cloud threat, detections, threats, CNAP, severless architecture, itte Broadcom report cloud security threat

Dangerous RCE Flaw in React, Next.js Threatens Cloud Environments, Apps

| | Cloud Security, Developer Security, google, Meta, React JavaScript, Remote Code Execution (RCE), vulnerability, Wiz
Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the ...
Security Boulevard

Crypto Malware Python Packages Spreading On Stack Exchange

| | Cybersecurity News, cybersecurity threats, Developer Security, information stealer, Python Packages, Stack Exchange abuse
Recent media reports have shed light on crypto malware that is being distributed via Python packages on a developer Q&A platform, Stack Exchange. The malware, if activated, is capable of draining cryptocurrency ...
TuxCare

PyPI Malicious Package Uploads Used To Target Developers

| | Check Point, Checkmarx, countermeasures, Cyber Threats, Cybersecurity, Cybersecurity News, data theft, Developer Security, digital assets, Malicious package uploads, Malware, online security, package management, persistence, Phylum, PyPI, risk mitigation, software supply chain, Typosquatting, Windows operating system
In light of the recent cybercriminal activity, new user sign-ups on the PyPI platform were halted. Currently, an increase in PyPI malicious package uploads is being deemed the reason behind the suspension ...
TuxCare

3 Malicious PyPI Packages Hide CoinMiner on Linux Devices

| | coinminer, Crypto, Crypto miners, Cyber Threats, Cybersecurity, Cybersecurity Weaknesses, Developer Security, Linux & Open Source News, linux systems, open source, PyPI, PyPI malicious packages, Python developers, Python Malware
In a recent cybersecurity revelation, the Python Package Index (PyPI) has fallen victim to the infiltration of three malicious packages: modularseven, driftme, and catme. These packages, although now removed, managed to amass ...
TuxCare
tools, platforms, security, tool, tooling, AI coding, tools, tools cybersecurity multi-tool

AI Coding Tools: How to Address Security Issues

| | AI, Cybersecurity, Developer Security, DevSecOps
Even though organizations are using AI-based coding, about the benefits and security fears of AI-based software development ...
Security Boulevard

Alert: NuGet Package SeroXen RAT Threat to .NET Developers

| | .net development, Cross Platform Development, Cybersecurity Best Practices, Cybersecurity News, cybersecurity threats, Deceptive Packages, Developer Security, malicious packages, NuGet Package, Open Source Ecosystem, Security Vulnerabilities, SeroXen RAT, Software Supply Chains, supply chain security
In a recent security issue, a deceptive NuGet package threatens .NET developers with the deployment of the SeroXen RAT, a harmful remote access trojan. Because the .NET framework is no longer limited ...
TuxCare
What You Can Expect at DeveloperWeek 2022 This Week

What You Can Expect at DeveloperWeek 2022 This Week

| | Developer Security, DeveloperWeek
Why Kiran Kamity, CEO of DeepFactor, and new member on the DevNetwork Advisory Board, is looking forward to DeveloperWeek 2022 Even in the early stages of designing DeepFactor, our goal was always ...
DeepFactor's Continuous Observability Blog
What Developers Need to Know About the Impact of Compliance Frameworks on Software Development

What Developers Need to Know About the Impact of Compliance Frameworks on Software Development

| | Compliance, developer, Developer Security
DeepFactor's brand-new compliance module helps developers identify when vulnerabilities and security risk jeopardize compliance goals For today’s digital businesses, protecting customer data should be a top priority. However, as product teams focus ...
DeepFactor's Continuous Observability Blog