Security News
GitHub has released technical information on six vulnerabilities identified by one of its security researchers in the WebAudio component of Chrome. The researcher started looking for Chrome vulnerabilities while he was working for Semmle, which GitHub acquired last year for its code analysis platform.
GitHub has warned users that they may be targeted in a fairly sophisticated phishing campaign that the company has dubbed "Sawfish." GitHub has pointed out that this phishing campaign has several noteworthy aspects.
GitHub users beware: online criminals have launched a phishing campaign to try and gain access to your accounts. They could create a GitHub personal access token, which allows the user to access their GitHub account using the Security Assertion Markup Language.
GitHub this week announced that it has paid out over $1 million in rewards to the security researchers participating in its bug bounty program on HackerOne. The security bug bounty program was launched on the hacker-powered platform in 2016, but GitHub has been accepting vulnerability reports since February 2014.
On Wednesday, AMD confirmed intellectual property related to its graphics processors was stolen last year, though insisted the leaked files will not damage its business nor compromise product security. Two days ago, AMD issued two Digital Millennium Copyright Act takedown notices to GitHub, directing the Microsoft-owned code storage biz to remove five repositories - an original repo and four copies - that contained confidential internal hardware source code for its Navi family of GPUs.
Was there a big, bad security bug in Microsoft Windows waiting to be announced the next day? This time, the NSA gave the bug to Microsoft to patch the hole proactively, and here we are!
The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.
WhiteSource, the leader in open source security and license compliance management, announced support for GitHub Packages and with it the ability to automate container security. GitHub customers...
GitHub this week announced GitHub Security Lab, a new initiative aimed at making open source software more secure. read more
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by example, dedicating full-time resources...