ZDNet

GitHub suspends member over 'mass-assignment' hack

A GitHub member was briefly suspended on Sunday after he exploited a vulnerability in the code repository's systems without first telling GitHub he was going to do so. Egor Homakov's hack caused ...
Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
Bleeping Computer

Hackers can use GitHub Codespaces to host and deliver malware

Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to ...
PC World

User Hacks GitHub to Showcase Vulnerability After Rails Developers Dismiss His Report

A user has hacked into the official GitHub-hosted Ruby on Rails code repository and bug tracker on Sunday in order to show the Rails development team how serious a vulnerability was. Ruby on Rails, ...
Ars Technica

Hacker commandeers GitHub to prove Rails vulnerability

A Russian hacker dramatically demonstrated one of the most common security weaknesses in the Ruby on Rails web application language. By doing so, he took full control of the databases GitHub uses to ...