SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
Infosecurity Magazine

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...
Bleeping Computer

GitHub outage impacts Actions, Codespaces, Issues, Pull Requests

GitHub was down today, affected by a worldwide outage preventing access to the website, issuing commits, cloning projects, or performing pull requests. The outage ...
Bleeping Computer

Hackers can use GitHub Codespaces to host and deliver malware

Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to ...
InfoQ

GitHub Codespaces Can Now Be Templated to Improve Performance

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
ZDNet

GitHub expands teacher access to Codespaces in Global Campus

Teachers who join GitHub's Global Campus and use GitHub Classroom will now get free access to the browser-based Codespaces integrated development environment, the code hosting platform said in a ...
Visual Studio Magazine

Visual Studio Codespaces Consolidates to GitHub Codespaces

Microsoft caused Codespaces confusion after it renamed its Visual Studio Online offering "Visual Studio Codespaces" and subsequently GitHub, owned by the company, introduced its own Codespaces.