AI Giants Accidentally Leaking Secrets on GitHub

Research by Wiz shows that industry titans, with combined valuations exceeding $400 billion, have left the equivalent of ...
TechCrunch

Open source developers urged to ditch GitHub following Copilot launch

Software Freedom Conservancy, a not-for-profit organization that provides support and legal services for open source software projects, has called on the open source community to ditch GitHub after ...
VentureBeat

Hackers use stolen OAuth access tokens to breach dozens of organization’s internal systems

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...
Bleeping Computer

GitHub: How stolen OAuth tokens helped breach dozens of orgs

GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. The attacker used stolen OAuth ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
InfoQ

GitHub Delivers Copilot Enterprise for Large Organizations

GitHub Copilot Enterprise, a Copilot plan available for enterprises that use GitHub Enterprise Cloud, is now generally available. It offers AI capabilities to improve the user's experience on ...
Searchenginejournal.com

Non-Profit Organization Announces Free Domain Names

A non-profit organization that is supported by Cloudflare, GitHub, and other organizations has open-sourced domain names, making them available with no catches or hidden fees. The sponsor of the free ...
Business Wire

Veza Launches GitHub Integration to Stop IP Theft, Enabling Organizations to Enforce Access Policies on Source-Code Repositories

PALO ALTO, Calif.--(BUSINESS WIRE)--Veza, the authorization platform for identity-first security, today announced an integration with GitHub, the software collaboration platform that is home to over ...
CSOonline

GitHub open sources Entitlements IAM sytem, built as a Git repository

The company behind one of the most important open source projects in the world is providing a new way to use its framework for IAM (identity and access management) this week. GitHub is making ...
Star Tribune

Will GitHub open-source coding site survive in China?

In October, Microsoft announced that it is shutting down its business social network, LinkedIn, in China. Having to comply with Chinese state restrictions has become increasingly challenging, it said.
Bleeping Computer

GitHub now allows enabling private vulnerability reporting at scale

GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging to an organization. Once toggled on, security researchers ...