GitHub is opening its Security Advisory Database to community contributions, allowing outside researchers to add and improve advisories that help secure the software supply chain.
A flaw in the keypair library caused it to generate weak RSA keys used for SSH, prompting GitHub and other services to revoke the affected keys across many organizations.
GitHub no longer accepts account passwords for Git operations over HTTPS: clients must authenticate with a token or an SSH key instead, and the company is steering accounts toward strong two-factor options such as hardware security keys.
The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new supply chain attack targeting NetBeans projects, GitHub Security Lab said.
The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.