Bleeping Computer

Over 3.1 million fake "stars" on GitHub projects used to boost rankings

GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories, helping them reach more unsuspecting users. Stars are similar ...
TechRepublic

GitHub Universe: Open Source Trends Report and New AI Security Products

GitHub Universe: Open Source Trends Report and New AI Security Products Your email has been sent GitHub Advanced Security gains AI features, and GitHub Copilot now includes a chatbot option. GitHub ...
Dark Reading

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of ...
Bleeping Computer

Dev rejects CVE severity, makes his GitHub repo read-only

The popular open source project, 'ip' recently had its GitHub repository archived, or made "read-only" by its developer. Fedor Indutny, due to a CVE report filed against his project, started getting ...
Dark Reading

Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking

Millions of enterprise software repositories on GitHub are vulnerable to repojacking, a relatively simple kind of software supply chain attack where a threat actor redirects projects that are ...
Arabian Post on MSN

AI-driven GitHub attack hits research community

A coordinated cyber campaign using artificial intelligence to disguise malicious code is targeting researchers, developers and security professionals by exploiting trust in GitHub repositories, ...