SecurityWeek

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.

Research repository arXiv will ban authors for a year if they let AI do all the work

ArXiv is doing more to crack down on the careless use of large language models in scientific papers.

CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository

CISA is investigating after a contractor’s public GitHub repository exposed AWS GovCloud credentials, internal files, and ...

Moderne Introduces Changelog to Bridge Source Control and Change Control for AI-Driven, Multi-Repository Software Engineering

Moderne, the Agent Tools company for AI-driven software engineering, today announced Moderne Changelog, a new capability that gives engineering teams and AI coding agents unified visibility over pull ...
CSO Online

Contractor’s public GitHub account exposed GovCloud and CISA credentials

This kind of exposure happens with alarming frequency,’ said an expert; here’s what CSOs and CIOs should do to protect ...

Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.
Harvard Medical School

Filling the repository

This is a section within Good practices for university open-access policies. Adopting an OA policy is easier than implementing one, and the hardest part of implementing a "green" or repository-based ...