Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM ...
Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
CoinDesk

Hackers Are Using Fake GitHub Code to Steal Your Bitcoin: Kaspersky

The GitHub code you use to build a trendy application or patch existing bugs might just be used to steal your bitcoin BTC $92,263.65 or other crypto holdings, according to a Kaspersky report. GitHub ...
ExtremeTech

GitHub hacked, millions of projects at risk of being modified or deleted

GitHub, one of the largest repositories of commercial and open source software on the web, has been hacked. Over the weekend, developer Egor Homakov exploited a gaping vulnerability in GitHub that ...