Bleeping Computer

GitHub enables push protection by default to stop secrets leak

GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code. Today's announcement comes ...
Redmondmag.com

GitHub Abuse Emerges in Twin Social Engineering Campaigns Spotted by Fortra, Trend Micro

Security researchers are tracking two separate GitHub-related threat campaigns that use the platform's infrastructure in different ways -- one to deliver vishing lures through legitimate GitHub ...
InfoWorld

GitHub rolls out push protection on public repos

With push protection, GitHub’s secret scanning blocks users from pushing secrets to a repository, while giving them the option to bypass the block. GitHub has begun rolling out push protection for all ...
heise online

New security features for GitHub to protect secrets

According to GitHub, it blocks several secrets such as passwords or API keys that are secured with push protection every minute. Nevertheless, secret leaks remain one of the most common causes of ...
Bleeping Computer

GitHub comments abused to push password stealing malware masked as fixes

GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. The campaign was first reported by a contributor to the teloxide rust ...
InfoQ

How GitHub Improved Code Push Processing Reliability

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...
newsbytesapp.com

OpenAI is building a GitHub alternative

OpenAI is quietly working on a new code hosting platform to take on GitHub, after recent outages left engineers unable to push code for hours. The project is still early and could end up as an ...