News
18hon MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
Discover how GitHub’s Spec-Kit and AI integration are improving software development with smarter, spec driven, streamlined workflows.
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Discover how GitHub's SpecKit transforms AI coding with spec-driven development, offering reliability, efficiency, and seamless workflows.
Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.
GitHub, the popular open-source development community site, is finally getting its licensing act together. It's high time since Black Duck has found that 77-percent of GitHub projects have no ...
Hackers are creating hundreds of fake GitHub projects aiming to dupe users into downloading crypto and credential-stealing malware, says cybersecurity firm Kaspersky. Kaspersky analyst Georgy ...
GitHub is now also a CVE CNA and can issue its own CVE numbers for bugs disclosed in projects hosted on the platform.
Announced in beta at GitHub Universe 2021, GitHub Projects is now generally available, including new features for issue grouping and pivoting, metadata customization, charting, and improved ...
GitHub is now popular enough for other companies to start building services around it. One of the latest projects that aims to make working with GitHub faster and easier is ZenHub. With ZenHub ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback