Infosecurity Magazine

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

A likely North Korean threat actor has phished software developers at almost 100 organizations with fake job and code-review ...
Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...
Redmondmag.com

Microsoft 365 Android Coding Error Put Account Tokens at Risk

A coding error in several Microsoft 365 Android apps could have allowed a malicious app on the same device to silently obtain account tokens and act as the signed-in user, according to new research ...

Dashlane Reveals How Attackers Copied Encrypted Vaults In May 31 Incident

After some Dashlane users were locked out of accounts and a limited number of encrypted password vaults were downloaded, the ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
Dark Reading

Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover

A disabled security setting meant to protect authentication across Android versions of key apps paved the way for attackers ...
GitHub

haris-musa/excel-mcp-server

A Model Context Protocol (MCP) server that lets you manipulate Excel files without needing Microsoft Excel installed. Create, read, and modify Excel workbooks with your AI agent.