Security News

Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern...

Bug hunter rages at wearisome disclosure process An infosec researcher has expressed his frustration with disclosure processes by going public with a zero-day in VirtualBox, Oracle's open-source...

Code of DexGuard, software designed to secure Android applications and software development kits (SDKs), was removed from GitHub last week, after being illegally posted on the platform. read more

A GitHub API token leaked from Homebrew’s Jenkins provided a security researcher with access to core Homebrew software repositories (repos). read more

What just befell a "small" piece of SnapChat’s source code, and should users be concerned?

The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the...

In a move to protect its users, software repository site GitHub is now alerting account holders whenever it detects that a password has been compromised in breaches on other services. read more

GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also work for Python...

Third language added to security scanner GitHub's added Python to the list of programming languages it can auto-scan for known vulnerabilities.…

GitHub announced on Thursday that developers will be warned if the Python packages used by their applications are affected by known vulnerabilities. read more