Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
Ars Technica

Travis CI flaw exposed secrets for thousands of open source projects

Why anyone would trust a web service to update their live code on the server is beyond me. But, never having used this service, I'm a bit confused. As a part of this activation process, developers are ...