SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Infosecurity Magazine

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
Visual Studio Magazine

Hands On with New GitHub Agents Tab for Repo-Level Copilot Coding Agent Workflows

GitHub's new Agents tab centralizes Copilot coding agent sessions in a repository, making it easier to launch tasks, track progress, and review the resulting pull requests in standard tooling such as ...