Bleeping Computer

Linux wiper malware hidden in malicious Go modules on GitHub

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. The campaign was detected last month and relied on three malicious Go modules that ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
Dark Reading

10 Major GitHub Risk Vectors Hidden in Plain Sight

Risk vector: Package managers like npm, pip, Maven, and Go modules all enable pulling dependencies directly from GitHub repositories instead of official registries. Attack surface: Using mutable ...
TheServerSide

How to create Git submodules in GitHub and GitLab by example

Community driven content discussing all aspects of software development from DevOps to design patterns. In a previous git submodules tutorial, I added submodules to a stand-alone repository. There was ...
TheServerSide

Why GitHub renamed its master branch to main

Since its inception, the Git DVCS tool's default branch name was set to master. Every Git repository had a master branch unless a developer took explicit steps to remove it, which was rarely ever done ...
Visual Studio Magazine

GitHub Open Sources Kit for Spec-Driven AI Development

GitHub unveiled an open-source dev kit designed to help developers adopt spec-driven development with AI tools such as GitHub Copilot, Claude Code and Gemini CLI, moving beyond quick "vibe-coding" ...