Technology

A hacker group is poisoning open source code at an unprecedented scale

Source

Ars Technica

Published

May 22, 2026

TL;DR

AI Generated

A hacker group known as TeamPCP has been conducting a significant number of software supply chain attacks, corrupting hundreds of open source tools to insert their malicious code. The group recently breached GitHub by installing a tainted extension for VSCode, compromising around 4,000 of GitHub's code repositories. TeamPCP has been actively carrying out these attacks, with cybersecurity firm Socket reporting over 20 waves of attacks in the past few months, affecting more than 500 software pieces. This ongoing spree of attacks has raised concerns about the security and trustworthiness of the software ecosystem.

Read Full Article

The Download: Trump’s new AI order, and smart glasses for warfare

President Trump signed a new AI order focusing on innovation and security, introducing a voluntary review system for tech companies to share models with the government before release. Meanwhile, defense-tech company Anduril is developing smart glasses for warfare with Meta, envisioning drone strike orders via eye-tracking and voice commands. SpaceX plans to raise $75 billion in an IPO, Meta scales back worker tracking for AI training, and Microsoft launches a new AI assistant. Additionally, concerns arise about AI's impact on mathematics, surveillance, and cybersecurity.

MIT Technology Review•

8 hours ago

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

President Trump has signed an executive order requiring AI companies to provide the government with early access to their most advanced models for up to 30 days before public release. This voluntary framework includes a classified benchmark to determine which models qualify for review. The order tasks agencies like the NSA and CISA with creating the benchmark and selecting trusted partners for review. The directive also establishes an "AI cybersecurity clearinghouse" to coordinate vulnerability scanning and patch distribution. Critics raise concerns about potential government interference in deciding who gains early access to powerful AI models.

Tom's Hardware•

9 hours ago

Github Copilot customers report up to 100-fold price hikes — AI sticker shock bites as Microsoft switches to usage-based pricing

GitHub Copilot has transitioned to usage-based pricing, leading to significant price hikes for customers. Users are reporting bills increasing by up to 100-fold, with some finding subscription plans limited or useless due to low usage limits. The new pricing model includes token allowances in different subscription tiers, but estimating token usage for queries can be challenging. Users are advised to carefully select efficient models to manage costs, as some have experienced unexpectedly high token consumption even with light usage. Investors are pushing for AI companies to generate more revenue to match their expenditures, despite backlash against Microsoft for the pricing changes.

Tom's Hardware•

11 hours ago

MIT Technology Review

The Download: AI can run your admin department now

AI is increasingly taking on basic administrative tasks for small businesses, from organizing notes to invoicing and social media planning. Anthropic has confidentially filed for an IPO ahead of OpenAI, aiming to go public this fall. The EU may exclude US cloud giants like Amazon, Microsoft, and Google from critical contracts to reduce dependence on US tech. Florida has become the first state to sue OpenAI over alleged child safety risks related to ChatGPT. Hackers exploited Meta AI to steal Instagram accounts, highlighting the risks of offloading support to AI.

MIT Technology Review•

1 day ago

The Download: Trump’s new AI order, and smart glasses for warfare

MIT Technology Review•

8 hours ago

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

Tom's Hardware•

9 hours ago

Github Copilot customers report up to 100-fold price hikes — AI sticker shock bites as Microsoft switches to usage-based pricing

Tom's Hardware•

11 hours ago

MIT Technology Review

The Download: AI can run your admin department now

MIT Technology Review•

1 day ago

A hacker group is poisoning open source code at an unprecedented scale

TL;DR

Similar Articles

The Download: Trump’s new AI order, and smart glasses for warfare

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

Github Copilot customers report up to 100-fold price hikes — AI sticker shock bites as Microsoft switches to usage-based pricing

The Download: AI can run your admin department now

We use cookies

A hacker group is poisoning open source code at an unprecedented scale

TL;DR

Similar Articles

The Download: Trump’s new AI order, and smart glasses for warfare

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

Github Copilot customers report up to 100-fold price hikes — AI sticker shock bites as Microsoft switches to usage-based pricing

The Download: AI can run your admin department now