Dozens of Red Hat packages backdoored through its official NPM channel

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, ...
Visual Studio Magazine

VS Code 1.122 Lets BYOK Work Without GitHub Sign-In

Microsoft's May 2026 VS Code update makes BYOK usable in restricted environments while adding agent, browser and issue-reporting updates.
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
GitHub

modaic-ai/gepa-viz

Live visualization for GEPA prompt-optimization runs. Renders the candidate tree as a force-directed graph so you can watch prompts evolve over a pareto frontier in real time. Big nodes are candidates ...