GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
The Hacker News

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Laravel-Lang compromise tagged 700+ versions on May 22–23, 2026, triggering PHP stealers that exfiltrate credentials.
The Hacker News

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Megalodon pushed 5,718 malicious GitHub commits in 6 hours, exposing CI secrets and cloud credentials at scale.
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and ...
WinBuzzer

Microsoft Expands Azure Linux Into Azure VM Preview

Microsoft has expanded Azure Linux into Azure VM previews while pushing Azure Container Linux to general availability, ...
Barron's

Host Hotels & Resorts Inc.

Copyright 2020 FactSet Research Systems Inc. All rights reserved. Source: FactSet Fundamentals Stocks: Real-time U.S. stock quotes reflect trades reported through ...
Morningstar

Host Hotels & Resorts Inc HST

Significant new supply throughout several of Host’s core markets and a rising interest-rate environment will pressure the firm’s performance and valuation.