GitHub Introduces New Vulnerability Reporting Feature

GitHub has created a communication channel that will allow researchers to disclose vulnerabilities to project maintainers more easily. Previously, it was often difficult to find contact information and vulnerabilities were reported over social media. The private vulnerability reporting feature is free and is currently in beta. Note The idea is this is private notification of …

Dropbox phishing attack exposed some GitHub-stored code

Updated on 2022-11-06: Dropbox phishing attack exposed some GitHub-stored code Cloud giant Dropbox confirmed a data breach this week affecting its development environment. Dropbox said in a post-mortem that no customer data, content, passwords or payment info was taken. While limited in nature and contained, the disclosure explains what went wrong and why. (Yes, even …

GitHub fixes repo-hijack bug

Updated on 2022-10-30: GitHub fixes repo-hijack bug Researchers at Checkmarx found a vulnerability, now addressed by GitHub, which allowed attackers to take control of code repositories because of a naming issue. Per The Record, thousands of GitHub users, including those in control of popular repositories and packages, opt to change their usernames, “leaving …

GitHub and CircleCI phishing campaign

Updated on 2022-09-23: Phishing Campaign Targets GitHub and CircleCI Users A phishing campaign is targeting customers of GitHub and the CircleCI continuous integration and delivery platform in an attempt to harvest account credentials. Both companies have notified their customers about the malicious emails. Note It appears that there has been a significant increase in phishing …