Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
How-To Geek on MSN

GitHub Is Making Open-Source Projects More Secure

Normally, when you upload a project to GitHub you're free to make revisions to that code at any time. In many cases, that ...
ZDNet

GitHub security alerts now support Java and .NET projects

Code hosting service GitHub has updated its platform this week, and among the many developer-centric changes, the company also rolled out three new security features for project owners. The most ...
ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
TechCrunch

AWS open sources fuzzing tool SnapChange and policy-based access control language Cedar

Amazon Web Services (AWS) has launched two new open source projects today, a move designed in part to address concerns around software supply chain security. The Amazon cloud computing subsidiary ...
GIGAZINE

'Map of GitHub' maps over 400,000 GitHub projects to clearly show the relationships between projects

When you access the 'Map of GitHub,' you will see the following screen. According to Kashcha, the names of countries on the map, such as 'PlusPlus Nation,' 'Pythonia,' and 'PowerShell Land,' are ...