Security news that informs and inspires

Archive

16 results for tag Github:

GitHub Opens Up Security Advisory Database

GitHub is opening is security Advisory Database to contributions to the community, allowing new research and improvements to help secure the software supply chain.

Github

Flaw in Crypto Library Causes Revocation of SSH Keys for Git Services

A flaw in the keypair library that caused it to generate weak RSA keys for SSH has caused GitHub and other services to revoke many organizations' keys.

Github, Cryptography

GitHub Drops Passwords in Favor of 2FA

GitHub has eliminated support for passwords for Git operations and now requires the use of a hardware security key or other strong 2FA option.

Supply Chain, Github

Malware Infects NetBeans Projects In Software Supply Chain Attack

The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new supply chain attack targeting NetBeans projects, GitHub Security Lab said.

Supply Chain, Appdev, Github

GitHub Expands Scanning to Find Security Flaws in Code

The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.

Open Source, Github, Vulnerability, Appdev