The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...
GitHub

GNAP: git-native persistent task coordination for multi-agent handoffs

The new Agents SDK does handoffs really elegantly, but like most agent frameworks the coordination state is ephemeral — restart the process and the task graph is gone. I wanted to share a ...
GitHub

Pre-GSoC Task 2026

Design an architecture for a system that efficiently aggregates repository data from GitHub and serves it to a website while minimizing API usage and ensuring scalability. An organization maintains ...