GitHub Copilot gains extensions as GitHub and FileZilla face malware exploits

As GitHub Copilot gains extensions, GitHub and FileZilla face malware exploits

GitHub has announced a new feature that enables developers to extend Copilot with third-party skills, providing an extra layer of customisation.

At this year's Build conference, it announced the acquisition of a conversational assistant tool company called Semantic Machines to help enhance its products. GitHub's "AI pair programming tool," Copilot, also grabbed significant attention with the launch of its Copilot Extension. This new feature allows developers to extend Copilot...

Phylum uncovers targeted malware disguised in Python package

Phylum’s cybersecurity experts have detected a malicious payload embedded within a popular Python package on the PyPI repository. The package, named requests-darwin-lite, is an unauthorised variant of the widely-used requests library.

The requests-darwin-lite package was cleverly designed to emulate its legitimate counterpart but included a Go binary concealed within an oversized image file pretending to be a simple logo. This file – a PNG labelled as a sidebar image –...

CISA sounds alarm on critical GitLab flaw under active exploit

The US Cybersecurity and Infrastructure Security Agency (CISA) has labelled a critical vulnerability affecting the popular Git-based repository manager GitLab as a Known Exploited Vulnerability (KEV). The move comes in response to active exploitation attempts detected in the wild, underscoring the urgency for organisations to promptly apply security updates.

Tracked as CVE-2023-7028, the severe flaw (CVSS score: 10.0) could enable adversaries to take over user accounts by sending...

Microsoft and IBM release MS-DOS 4.00 source code

In a celebration of innovation and preserving computing history, Microsoft has released the source code for MS-DOS 4.00 in partnership with IBM. The release – available under the permissive MIT license – includes the operating system's source code, binary files, and original documentation.

The decision to open source MS-DOS 4.00 stems from recent correspondence between a researcher named Connor "Starfrost" Hyde and former Microsoft CTO Ray Ozzie. While exploring Ozzie's...

GitHub’s 2FA rollout boosts supply chain security

In a push to enhance the security of the software supply chain, GitHub has successfully rolled out mandatory two-factor authentication (2FA) for code contributors on its platform.

GitHub’s 2FA rollout – announced in May 2022 – aimed to address the critical first link in the software supply chain by securing the developers responsible for designing, building, and maintaining the software we all rely on.

The results are in

After a year of meticulous preparation,...

GitHub updates Innovation Graph with latest developer trends

GitHub's Innovation Graph has been updated with data from Q4 2023, offering a comprehensive view of global developer activity over the past four years.

The latest findings highlight the increasing popularity of AI among developers, leading to a rise in project documentation. This trend is attributed to the widespread use of chat-based generative AI tools like GitHub Copilot Chat and ChatGPT.

"While we recognise that it's not a panacea, perhaps generative AI technologies...

Python skills ‘increasingly essential’ to dev teams venturing into advanced AI

Python’s status as the primary language for AI and machine learning projects, from its extensive data-handling capabilities to its flexibility and portability, is well-founded. Just how well-founded can be seen in new user data from Snowflake.

The cloud data provider reported that, year on year, use of Python grew 571% in Snowpark, Snowflake’s set of libraries which securely deploy and process non-SQL code. In other words, it will not be a surprise to see Python, Scala and...

Redis switches to more restrictive license

Leading in-memory database vendor Redis is adopting a dual-licensing model, imposing far stricter terms on companies offering Redis as a service.

In an official announcement, Redis Labs stated that starting with version 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and the controversial Server Side Public License (SSPLv1).

This is not the first time Redis has changed licensing terms. In 2018, it shifted some modules to a more...

Use open-source digital twins to track live systems

Recent technology innovations have made real-time monitoring of live systems easier and more powerful. Digital twins are one of the latest game-changing technologies.

The Digital Twin Consortium defines digital twins as virtual representations of real-world entities and processes, synchronised at a specified frequency and fidelity. They use real-time and historical data to represent the past and present and simulate predicted futures.

Michael Grieves first introduced the...

Linux Kernel closes in on 10M git objects

Linus Torvalds has announced version 6.8 of the Linux Kernel, inching ever closer to a major milestone in the project's codebase. In his announcement on Sunday, Torvalds noted that the git repository tracking the kernel's development now contains 9.996 million objects.

"This is the last mainline kernel to have less than ten million git objects," Torvalds wrote, though he was quick to add, "Of course, there is absolutely nothing special about it apart from a nice round number. Git...