IT News Roundup: VS Code Zero-Day, AI Talent Shifts, and Major Breaches - June 24, 2026
This week's IT news covers a critical VS Code zero-day vulnerability stealing GitHub tokens, Qualcomm's multibillion-dollar AI acquisition push, Nobel laureate John Jumper's move from DeepMind to Anthropic, Databricks acquiring Panther Labs for cybersecurity, and the Tata Electronics breach exposing Apple and Tesla files.
The latest round of IT news brings a mix of urgent security alerts, major industry acquisitions, and significant talent movements in AI. A critical zero-day vulnerability in Visual Studio Code threatens developer credentials, while Qualcomm makes aggressive moves in the AI chip space. Meanwhile, one of the most prominent scientists in computational biology is making a high-profile switch between AI labs.
VS Code Zero-Day Lets Hackers Steal GitHub Tokens in One Click
A security researcher has disclosed exploit code for a Visual Studio Code zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a malicious link. The flaw, reported on June 3, enables one-click credential theft without requiring the victim to enter any credentials manually.
The vulnerability works by exploiting how VS Code handles certain URI schemes and authentication flows. When a user clicks a specially crafted link within an editor or markdown preview, their active GitHub token can be exfiltrated to an attacker-controlled server. This gives attackers full access to the victim's repositories, including private codebases.
The incident underscores ongoing risks in developer tooling ecosystems where extensions and built-in features interact with authentication systems. Users are advised to review their active GitHub tokens, rotate any that may have been compromised, and exercise caution when clicking links within editor environments. Source: BleepingComputer
Qualcomm Nears $4 Billion Acquisition of AI Startup Modular
Qualcomm is reportedly in advanced negotiations to acquire Modular Inc., an artificial intelligence infrastructure software company, in a deal valuing the startup at approximately $4 billion. The transaction represents Qualcomm's second major AI acquisition bid this month, following a rumored $10 billion pursuit of chip designer Tenstorrent.
The move signals Qualcomm's aggressive pivot beyond smartphones into data center and autonomous vehicle chips. Modular specializes in AI infrastructure software that helps organizations deploy and manage large-scale machine learning workloads, capabilities that complement Qualcomm's hardware strategy for enterprise AI deployments.
If completed, the acquisition would mark a significant shift in how semiconductor companies approach the AI market, combining chip design with full-stack software solutions. The deal follows a broader industry trend of established tech firms acquiring AI-native startups to accelerate their artificial intelligence capabilities. Source: Bloomberg
Nobel Laureate John Jumper Leaves Google DeepMind for Anthropic
John Jumper, Nobel Prize-winning scientist and co-founder of AlphaFold at Google DeepMind, announced on June 19 that he is leaving the company to join AI startup Anthropic. The departure marks one of the most significant talent movements in the AI industry this year.
Jumper's work on AlphaFold revolutionized computational biology by accurately predicting protein structures from amino acid sequences, an achievement credited with cutting years off biological and medical research timelines. He won the Nobel Prize alongside Demis Hassabis for this breakthrough, which has had profound implications for drug discovery and disease understanding.
The move aligns with Anthropic's growing push into life sciences and computational biology, areas where Jumper is a world authority. It also reflects the intensifying AI talent war, as leading labs compete fiercely for elite researchers who can drive breakthrough capabilities across multiple domains. Source: TechCrunch
Databricks Acquires Panther Labs to Challenge CrowdStrike and Splunk
Data analytics giant Databricks announced on June 16 that it has agreed to acquire cybersecurity startup Panther Labs, marking its third major push into the security sector. The acquisition advances Databricks' strategy to compete directly with established security players such as CrowdStrike and Cisco-owned Splunk.
Panther Labs built its platform around a telemetry-first detection approach, bringing security data from over 100 out-of-the-box integrations into a unified system for threat detection and response. The company was valued at $1.4 billion after a Series B funding round in 2021.
Databricks plans to integrate Panther's AI SOC platform with its own security lakehouse architecture, enabling customers to operationalize agentic detection and response using swarms of autonomous AI agents. The deal targets enterprises struggling to manage growing volumes of security data while keeping pace with threats that can spread across networks in seconds. Source: Databricks
Tata Electronics Breach Exposes Apple and Tesla Manufacturing Files
Indian electronics manufacturing giant Tata Electronics confirmed a cybersecurity incident after the World Leaks ransomware group published over 200,000 files totaling more than 630 gigabytes on the dark web. The leaked data allegedly includes proprietary documents belonging to Apple and Tesla, including manufacturing records, technical drawings, and employee passport scans.
Tata Electronics is one of Apple's most critical manufacturing partners in India, operating facilities that produce components for iPhone and other Apple products. The breach raises concerns about supply chain security in the electronics industry, where contract manufacturers handle highly sensitive design specifications and production data from multiple major clients simultaneously.
Tata stated that its operations remain unaffected by the incident. However, the scale of the leak, including what appear to be technical schematics and employee identification documents, highlights the risks faced by organizations in the electronics supply chain when targeted by sophisticated ransomware groups. Source: Cybernews
Critical Vulnerabilities Found in Popular VS Code Extensions with 125M+ Installs
Security researchers from OX Security discovered critical vulnerabilities in four widely-used Visual Studio Code extensions that, if exploited, could allow threat actors to steal local files and execute arbitrary code remotely. The affected extensions include Live Server (72 million installs), Markdown Preview Enhanced (8.5 million installs), Code Runner (37 million installs), and Microsoft Live Preview (11 million installs).
The vulnerabilities carry CVSS scores ranging from 7.8 to 9.1, with the most severe flaw, in Live Server, rated at 9.1 and classified as critical. The issues stem from improper input sanitization and unsafe file handling within the extensions' preview and execution features.
As of the latest update, only Microsoft Live Preview has been patched by its maintainers. The remaining three extensions still contain unpatched vulnerabilities, leaving millions of developers potentially exposed. Users are strongly advised to review their installed extensions and consider alternatives until patches are released. Source: The Hacker News
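One way to carry out the extension review advised above, as an added example that is not from the article or from OX Security: it parses the output of `code --list-extensions --show-versions` and flags the four named extensions. The Marketplace extension IDs in the table are assumptions added here (the article gives only display names), and the sample lines and version numbers are constructed.

```python
import subprocess

# Marketplace IDs are assumptions added for this example; the patch status
# is the one reported in the article and should be re-checked before use.
FLAGGED = {
    "ritwickdey.liveserver": ("Live Server", "unpatched"),
    "shd101wyy.markdown-preview-enhanced": ("Markdown Preview Enhanced", "unpatched"),
    "formulahendry.code-runner": ("Code Runner", "unpatched"),
    "ms-vscode.live-server": ("Microsoft Live Preview", "patched"),
}

ADVICE = {
    "unpatched": "disable or remove until a fix is released",
    "patched": "update to the latest version",
}

def audit(lines):
    """Return (id, version, name, status) for each flagged extension found."""
    findings = []
    for raw in lines:
        entry = raw.strip()
        if not entry:
            continue
        # Each line has the form publisher.name@version; version may be absent.
        ext_id, _, version = entry.partition("@")
        hit = FLAGGED.get(ext_id.lower())  # compare IDs case-insensitively
        if hit:
            findings.append((ext_id, version or "unknown", hit[0], hit[1]))
    return findings

def installed_extensions(cli="code"):
    """Ask the VS Code CLI for installed extensions with their versions."""
    out = subprocess.run([cli, "--list-extensions", "--show-versions"],
                         capture_output=True, text=True, check=True)
    return out.stdout.splitlines()

# Constructed sample output, used when the CLI is not available.
SAMPLE = ["ms-python.python@1.0.0", "ritwickdey.LiveServer@1.0.0",
          "ms-vscode.live-server@1.0.0", "formulahendry.code-runner"]

if __name__ == "__main__":
    try:
        lines = installed_extensions()
    except (FileNotFoundError, subprocess.CalledProcessError):
        lines = SAMPLE
    for ext_id, version, name, status in audit(lines):
        print(f"{ext_id} {version}: {name} ({status}) -> {ADVICE[status]}")
```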