Hosted on MSN

The GitHub hack was one plugin away from being your problem too

An infected VS Code extension compromised around 3,800 repositories owned by GitHub. And that's something that all developers around the globe must be wary of. It's not just any random user whose ...
Bleeping Computer

GitHub Action hack likely led to another in cascading supply chain attack

To prevent similar compromises in the future, pin GitHub Actions to commit hashes instead of version tags and use GitHub's allow-listing feature to restrict unauthorized actions. Those supply chain ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.
Hosted on MSN

GitHub confirms 'hacking' attack; says: We detected and contained a compromise of an employee device involving a poisoned

GitHub has confirmed a cyberattack involving unauthorized access to some of its internal repositories after a threat actor claimed it had stolen and was attempting to sell company data online. In a ...
InfoWorld

Thousands of open source projects at risk from hack of GitHub Actions tool

App development teams who use a popular utility in the GitHub Actions continuous integration and continuous delivery/deployment (CI/CD) platform need to scrub their code because the tool was ...