The Hacker News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.
Visual Studio Magazine

GitHub Updates Spark, Its AI Prompt-Based App Builder

GitHub Spark, an AI app-generation tool separate from Copilot still in public preview, gains enterprise, billing, and UI ...
SecurityWeek

Unpatched Gogs Zero-Day Exploited for Months

Threat actors have exploited a zero-day vulnerability in the Gogs self-hosted Git service to compromise over 700 ...

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...
InfoWorld

AI-assisted software development with Amazon Q Developer

Amazon Q Developer is a useful AI-powered coding assistant with chat, CLI, Model Context Protocol and agent support, and AWS ...
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

Amazon's secret GitHub data grab

There's a rush to amass as much data as possible to train AI models. Amazon is trying to scrape Microsoft's Github for some of the data it needs.

The top software development news of the year

This article contains 10 of what we believe to be the biggest stories we covered throughout the year on SD Times.

Shai Hulud malware turns developers into unwitting distributors in NPM supply chain attacks

Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...