GIGAZINE

It's by design that anyone can access deleted or private repositories on GitHub.

GitHub allows anyone to access forks and repositories that have been deleted or set to private, and this behavior is by design and not a flaw, open source security firm Truffle Security said in a blog ...
GIGAZINE

It was pointed out that repositories that were supposed to be private on GitHub were made public through Microsoft's AI assistant 'Copilot'

The software development platform GitHub allows users to manage projects by making repositories private, preventing code from being seen by anyone other than those involved. However, an investigation ...
ZDNet

How to move your codebase into GitHub for analysis by ChatGPT Deep Research - and why you should

A few days ago, I showed you an amazing new ChatGPT feature available to paying users. Plus, Pro, and Team tier users can now point Deep Research at an entire GitHub repo and get back analysis reports ...
Security Boulevard

Scanning GitHub Gists for Secrets with Bring Your Own Source

Developers treat GitHub Gists as a "paste everything" service, accidentally exposing secrets like API keys and tokens. BYOS lets you scan and monitor these blind spots.
Ars Technica

Copilot exposes private GitHub pages, some removed by Microsoft

Microsoft’s Copilot AI assistant is exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent and, ironically, ...
TechRepublic

CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft

A GitHub Copilot Chat bug let attackers steal private code via prompt injection. Learn how CamoLeak worked and how to defend against AI risks. Image: przemekklos/Envato A critical vulnerability in ...