10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...

Trellix source code breach claimed by RansomHouse hackers

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which ...
Hosted on MSN

GitHub fixes critical flaw in private repositories

Critical flaw patched: GitHub addressed a remote code execution bug that could be exploited by anyone with push access to private repositories. High risk exposure: The vulnerability threatened ...
GovInfoSecurity

Trellix Discloses Source Code Hack

Trellix disclosed over the weekend that hackers found their way to its source code repository. The company said that ...
IPWatchdog

Your Developers Could Be Publicly Disclosing Source Code By Using Third-Party Code Repositories

“It is important to keep in mind that courts have found that the mere intent to keep the document confidential is insufficient.” Recently, I met with a potential client to discuss key points that ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...
Bleeping Computer

Slack's private GitHub code repositories stolen over holidays

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...
Dark Reading

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

A hacker going by the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, in a typosquatting effort to impersonate legitimate projects — thus ...