News

CSO Online9d
GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising ...
Gizmochina1y
Microsoft’s popular code-sharing platform GitHub under attack, potentially affecting millions - Gizmochina
Apiiro reports over 100,000 GitHub repos hit by attackers adding malicious ... Millions of developers and users are on alert as the popular code-sharing platform GitHub faces a large-scale attack.
ZDNet7y
GitHub: Our dependency scan has found four million security flaws in public repos - ZDNET
GitHub says its security scan for old vulnerabilities in JavaScript and Ruby libraries has turned up over four million bugs and sparked a major clean-up by project owners. The massive bug-find ...
Bleeping Computer3mon
GitHub Action supply chain attack exposed secrets in 218 repos - BleepingComputer
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to ...