GitHub has released a new push protection feature to prevent developers from accidentally including secrets in commits.
GitHub is launching two new features that enable developers to create a private vulnerability reporting channel and provide provenance attestations for their packages.
Starting March 13, developers on GitHub will be required to enable some form of two-factor authentication for their accounts.
An attacker exfiltrated three encrypted code-signing certificates from GitHub used to sign versions of Desktop for Mac and Atom.
GitHub has launched a new feature that enables researchers to privately report vulnerabilities to repository maintainers.