Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...

Malicious npm package targeting OpenAI Codex users steals authentication tokens

The tool gathered over 29,000 downloads before the malicious npm package was identified ...
Bleeping Computer

GitHub to require all users to enable 2FA by the end of 2023

Two-factor authentication increases the security of accounts by introducing an additional step in the login process that requires entering a one-time code. For GitHub users, account takeovers can lead ...
TechRepublic

How to secure your GitHub account with two-factor authentication

GitHub wants you to protect your account with the right type of authentication. GitHub is now prompting developers and administrators who use the site to secure their accounts with two-factor ...

GitHub Actions outage told devs 'your account is suspended'

Following every major outage there is discussion of GitHub alternatives, with some organizations moving to self-hosted code repositories and/or CI/CD. GitHub is sticky though, par ...