Note: As we shift focus to Mainnet, we've stopped tracking new CodeAssist participation on Testnet. All historical data remains on-chain. CodeAssist is a completely private and local AI coding ...
A PreToolUse hook that intercepts and blocks destructive git and filesystem commands before AI coding agents run them. CC Safety Net parses command semantics — so flag reordering, shell wrappers, and ...
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code ...
GitHub disabled 73 Microsoft repositories after a Miasma supply chain attack. Malicious commits targeted AI coding tools, VS Code, and developer workstations. Developers should rotate credentials if ...