ZDNet

GitHub suspends member over 'mass-assignment' hack

A GitHub member was briefly suspended on Sunday after he exploited a vulnerability in the code repository's systems without first telling GitHub he was going to do so. Egor Homakov's hack caused ...

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
InfoWorld

Thousands of open source projects at risk from hack of GitHub Actions tool

App development teams who use a popular utility in the GitHub Actions continuous integration and continuous delivery/deployment (CI/CD) platform need to scrub their code because the tool was ...
Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
CSOonline

User Hacks GitHub to Showcase Vulnerability After Rails Developers Dismiss His Report

A user has hacked into the official GitHub-hosted Ruby on Rails code repository and bug tracker on Sunday in order to show the Rails development team how serious a vulnerability was. Ruby on Rails, ...
PC World

User Hacks GitHub to Showcase Vulnerability After Rails Developers Dismiss His Report

A user has hacked into the official GitHub-hosted Ruby on Rails code repository and bug tracker on Sunday in order to show the Rails development team how serious a vulnerability was. Ruby on Rails, ...