CSO Online

GitHub Copilot prompt injection flaw leaked sensitive data from private repos

Hidden comments in pull requests analyzed by Copilot Chat leaked AWS keys from users’ private repositories, demonstrating yet ...
ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
PC World

Users with weak SSH keys had access to GitHub repositories for popular projects

A number of high-profile source-code repositories hosted on GitHub could have been modified using weak SSH authentication keys, a security researcher has warned. The potentially vulnerable ...
ZDNet

GitHub shifts away from passwords with security key support for SSH Git operations

When you add a security key to SSH operations, you can use these devices to protect you and your account from accidental exposure, account hijacking, or malware, GitHub security engineer Kevin Jones ...
Linux Journal

Why Smart Cards Are Smart

If you use GPG keys, learn about the benefits to storing them on a smart card. GPG has been around for a long time and is used to secure everything from your email to your software. If you want to ...