Security News
GitHub this week announced that it has paid out over $1 million in rewards to the security researchers participating in its bug bounty program on HackerOne. The security bug bounty program was launched on the hacker-powered platform in 2016, but GitHub has been accepting vulnerability reports since February 2014.
On Wednesday, AMD confirmed intellectual property related to its graphics processors was stolen last year, though insisted the leaked files will not damage its business nor compromise product security. Two days ago, AMD issued two Digital Millennium Copyright Act takedown notices to GitHub, directing the Microsoft-owned code storage biz to remove five repositories - an original repo and four copies - that contained confidential internal hardware source code for its Navi family of GPUs.
Was there a big, bad security bug in Microsoft Windows waiting to be announced the next day? This time, the NSA gave the bug to Microsoft to patch the hole proactively, and here we are!
The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.
WhiteSource, the leader in open source security and license compliance management, announced support for GitHub Packages and with it the ability to automate container security. GitHub customers...
GitHub this week announced GitHub Security Lab, a new initiative aimed at making open source software more secure. read more
GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by example, dedicating full-time resources...
Let's all have a code audi- oh, wait, they did that already Encrypted email biz ProtonMail has open-sourced the code for its iOS app, having paid for a code audit that says there's nothing wrong with it.…
Let's all have a code audi- oh, wait, they did that already Encrypted email biz ProtonMail has open-sourced the code for its iOS app, having pre-emptively paid for a code audit that says there's...
Semmle's flaw-finding queries can be shared and used on multiple projects On Wednesday, Microsoft's GitHub said it has acquired Semmle, a San Francisco-based software analysis platform for finding...