Normally, when you upload a project to GitHub you're free to make revisions to that code at any time. In many cases, that ...

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by ...

GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories, helping them reach more unsuspecting users. Stars are similar ...

The Technology Modernization Fund Board will invest a total of $94.8 million in three projects increasing network security for critical services at separate agencies. “This Administration is on a path ...

A new phishing tool named “GoIssue” has surfaced on a cybercrime forum, posing a significant threat to GitHub users and the broader software development community. This tool enables cybercriminals to ...

The popular open source project, 'ip' recently had its GitHub repository archived, or made "read-only" by its developer. Fedor Indutny, due to a CVE report filed against his project, started getting ...

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of ...

Millions of enterprise software repositories on GitHub are vulnerable to repojacking, a relatively simple kind of software supply chain attack where a threat actor redirects projects that are ...