Researchers have uncovered a sustained campaign using GitHub's public APIs and ghost accounts to profile enterprise software ...
Noma Labs tricked GitHub's AI agent into leaking private repositories with a crafted issue. The prompt-injection flaw, GitLost, has no code fix.
The issue affects GitHub Agentic Workflows setups that read public input, hold private repo access, and can post output ...
North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
GitHub Inc.’s new Agentic Workflows feature that allowed an unauthenticated attacker to siphon data from private code ...
Last week Okta announced a security breach that involved an attacker gaining access to its source code hosted in GitHub. That's just the latest example in a long string of attacks gaining access to ...
The North Korean state-sponsored Lazarus advanced persistent threat (APT) group is back with yet another impersonation scam, this time posing as developers or recruiters with legitimate GitHub or ...
GitHub breach fears are back after the company confirmed attackers accessed thousands of internal repositories through a poisoned VS Code extension. GitHub says customer repositories were not affected ...
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results