Hosted on MSN

Hackers just walked off with 3,800 of GitHub’s internal code repositories — smuggled out by a single poisoned plugin a GitHub developer trusted

Somewhere inside GitHub, a developer installed a Visual Studio Code extension. It looked like any other productivity plugin in Microsoft’s marketplace. It wasn’t. That single installation gave ...
IPWatchdog

Your Developers Could Be Publicly Disclosing Source Code By Using Third-Party Code Repositories

“It is important to keep in mind that courts have found that the mere intent to keep the document confidential is insufficient.” Recently, I met with a potential client to discuss key points that ...
SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
Forbes

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. GitHub confirms 3,800 repositories breached. GitHub, the cloud-based hosting service used by ...
Bleeping Computer

Okta's source code stolen after GitHub repositories hacked

Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were hacked this month. According to a 'confidential' ...
Dark Reading

Dropbox Code Repositories Stolen in Cyberattack on GitHub-Based Developers

A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 ...
Bleeping Computer

Slack's private GitHub code repositories stolen over holidays

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...