GitHub repo now also hosting YouTube-dl's source code Besides the huge number of new YouTube-dl repos that popped up since October 23, a copy of YouTube-dl's source code was also added to an official ...

Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely. This ...

Anthropic executives said it was an accident and retracted the bulk of the takedown notices.

Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

Cyberattackers in just the last few months have registered more than 100,000 — but by some estimates more than a million — malicious copycat repositories on GitHub. The "repo confusion" scheme is ...

GitHub repositories host malware disguised as tools that gamers, and privacy-seekers are likely to download The fake VPN campaign drops malware straight into AppData and hides it from plain view ...

Millions of enterprise software repositories on GitHub are vulnerable to repojacking, a relatively simple kind of software supply chain attack where a threat actor redirects projects that are ...

GitHub has announced that its secret scanning alerts service is now generally available to all public repositories and can be enabled to detect leaked secrets across an entire publishing history.