CSOonline

GitHub secrets: Deleted files still pose risks

Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials, if threat actors knew where and how to look. Cybersecurity researcher Sharon ...
ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...

Microsoft is still leaving Mac users exposed to GitHub Mac malware flood

For the last few years, Mac users are facing a wave of fake apps on Microsoft-owned GitHub that disguise themselves as popular software, only to trick victims into handing over their passwords.
Bleeping Computer

35,000 code repos not hacked—but clones flood GitHub to serve malware

Thousands of GitHub repositories were copied with their clones altered to include malware, a software engineer discovered today. While cloning open source repositories is a common development practice ...
Arabian Post on MSN

Developers Protest GitHub’s Code Search Overhaul

GitHub’s decision to remove the ability to sort code search results by index date has triggered an outpouring of frustration from developers who argue that the change has undermined one of the ...