GitHub has enabled automatic security updates for known vulnerable open source dependencies in user repositories; a feature warmly welcomed by users. The move comes just a week after the Microsoft-owned company bought  Dependabot, which powers the functionality:

Read full article on CBR – CyberSecurity News