SecurityWeek

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.
SecurityWeek

GitHub Confirms Hack Impacting 3,800 Internal Repositories

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code ...
Cryptopolitan on MSN

Binance founder warns developers to rotate API keys after GitHub internal repository exposure

Binance CZ urges developers to rotate API keys following the exposure of a GitHub internal repository.
Dark Reading

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

In just six hours, the campaign quietly pushed malware to more than 5,500 GitHub repositories, stealing credentials, ...
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
BeInCrypto

Changpeng Zhao Warns Crypto Devs to Rotate API Keys After GitHub Hack

GitHub says a poisoned VS Code extension exposed 3,800 internal repos as Binance founder CZ tells crypto devs to rotate keys.
Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public ...
Bleeping Computer

GitHub expands security tools after 39 million secrets leaked in 2024

GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...

GitHub Copilot shifts to usage-based pricing June 1 - why that's no surprise

Under the new approach, if you run out of credits, you can't use the service. GitHub plans to preview the new billing in early May.