Security News
Researchers have uncovered a network of GitHub accounts containing backdoored versions of legitimate software.
GitHub is offering unlimited rewards for critical vulnerabilities - and has added "safe harbor" terms to its bug bounty program.
After paying out $250,000 in bug bounties in 2018, GitHub has decided to increase rewards and expand the scope of its bug bounty program.
Microsoft-owned GitHub informed developers on Thursday that they can easily ensure that the dependencies used by their applications are always secure and up to date through an integration of its...
The potency of DDoS attacks lies in the number of packets being sent rather than the relative bandwidth involved in the attack.
Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern...
Bug hunter rages at wearisome disclosure process: An infosec researcher has expressed his frustration with disclosure processes by going public with a zero-day in VirtualBox, Oracle's open-source...
Code of DexGuard, software designed to secure Android applications and software development kits (SDKs), was removed from GitHub last week, after being illegally posted on the platform.
A GitHub API token leaked from Homebrew’s Jenkins provided a security researcher with access to core Homebrew software repositories (repos).
What just befell a "small" piece of Snapchat’s source code, and should users be concerned?