SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
ZDNet

GitHub security alerts now support Java and .NET projects

Code hosting service GitHub has updated its platform this week, and among the many developer-centric changes, the company also rolled out three new security features for project owners. The most ...
Bleeping Computer

GitHub expands security tools after 39 million secrets leaked in 2024

GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...
TechRepublic

How GitHub Is Securing the Software Supply Chain

A surge in supply chain attacks has put open-source software risk, prompting GitHub to strengthen security across its npm ecosystem. The company, which operates the world’s largest code repository, is ...
Business Insider

GitHub says 99% of security incidents on its mega-popular code-sharing platform come from developer mistakes, and launches a new tool to help save programmers from themselves

GitHub is rolling out new tools to help developers on its platform avoid security blunders. Over 99% of security incidents on GitHub stem from developer mistakes, a product head told Insider. GitHub ...
ZDNet

GitHub security alerts now support PHP projects

Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...