GitHub backs down, kills Copilot pull-request ads after backlash

Following backlash from developers, GitHub has removed Copilot's ability to stick ads - what it calls "tips" - into any pull request that invokes its name.  Australian developer Zach Manson noted on ...
The Hacker News

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...

GitHub Copilot will use your data for AI training by default, but you can opt out

GitHub describes this training data as inputs, outputs, code snippets, and associated context, but the fine print goes into ...
Security Boulevard

How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack

Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate ...

Anthropic’s Claude can now control your Mac, escalating the fight to build AI agents that actually do work

Anthropic has given Claude the ability to control a Mac, marking a major step in the AI agent race and raising new questions ...
Make Tech Easier

Use Pake to Turn Websites Into Desktop Apps — No Bloat, No Browser Dependency

Turn any website into a desktop app with Pake. Create fast, lightweight apps without browser dependency or bloat.

GitHub Store 1.7.0: Updates without click, security without root

Automatic updates, silent install, app-repo linking and signature verification: GitHub Store becomes a power-user tool with version 1.7.0.

You can now run OpenAI’s Codex inside Claude Code: Here’s how

OpenAI took the coding agent rivalry to Claude’s coding terminal. OpenAI has developed a plugin to run its Codex agent inside ...

iPhone exploit DarkSword has been released in the wild: How to protect yourself

Uh-oh. Now anyone can easily use it.