GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.
The post Critical Authentication Flaw Haunts GitHub Enterprise Server appeared first on SecurityWeek.
GitHub Actions Artifacts Leak Tokens and Expose Cloud Services and Repositories
Misconfigurations and security bugs lead to GitHub Actions artifacts exposing tokens for third party cloud services and GitHub repositories.
The post GitHub Actions Artifacts Leak Tokens and Expose Cloud Services and Repositories appeared first on SecurityWeek.
GitHub Makes Copilot Autofix Generally Available
GitHub has made AI-powered Copilot Autofix generally available to help developers fix code vulnerabilities faster.
The post GitHub Makes Copilot Autofix Generally Available appeared first on SecurityWeek.
Network of 3,000 GitHub Accounts Used for Malware Distribution
Stargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories.
The post Network of 3,000 GitHub Accounts Used for Malware Distribution appeared first on SecurityWeek.
Ex-GitHub Engineers Raise $20M to Enhance Pen-Testing with AI-Powered XBOW
A team of former GitHub engineers has secured $20 million in venture capital funding from Sequoia to build AI-powered security tools.
The post Ex-GitHub Engineers Raise $20M to Enhance Pen-Testing with AI-Powered XBOW appeared first on SecurityWeek.
GitHub Paid Out Over $4 Million via Bug Bounty Program
The code hosting platform GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago.
The post GitHub Paid Out Over $4 Million via Bug Bounty Program appeared first on SecurityWeek.
Critical Authentication Bypass Resolved in GitHub Enterprise Server
Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges.
The post Critical Authentication Bypass Resolved in GitHub Enterprise Server appeared first on SecurityWeek.
Threat Actors Manipulate GitHub Search to Deliver Malware
Checkmarx warns of a new attack relying on GitHub search manipulation to deliver malicious code.
The post Threat Actors Manipulate GitHub Search to Deliver Malware appeared first on SecurityWeek.
GitHub Rolls Out ‘Code Scanning Autofix’ in Public Beta
GitHub’s code scanning autofix delivers remediation suggestions for two-thirds of the identified vulnerabilities.
The post GitHub Rolls Out ‘Code Scanning Autofix’ in Public Beta appeared first on SecurityWeek.
GitHub Rotates Credentials in Response to Vulnerability
GitHub rotates credentials and releases patches after being alerted of a vulnerability affecting GitHub.com and GitHub Enterprise Server.
The post GitHub Rotates Credentials in Response to Vulnerability appeared first on SecurityWeek.