Starting March 13, developers on GitHub will be required to enable some form of two-factor authentication for their accounts.
An attacker exfiltrated three encrypted code-signing certificates from GitHub used to sign versions of Desktop for Mac and Atom.
GitHub has launched a new feature that enables researchers to privately report vulnerabilities to repository maintainers.
The PyPI maintainers say a new phishing campaign is targeting Python project maintainers and aiming to steal credentials and compromise projects.
GitHub will require 2FA for all users who contribute code on the platform by the end of 2023.