Tag: Github
-
Securing millions of developers through 2FA
Though technology has advanced significantly to combat the proliferation of sophisticated security threats, the reality is that preventing …
-
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #380
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly …
-
Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting
Hello fellow readers! Have you ever wondered how the GitHub Security Lab performs security …
-
Found means fixed: Introducing code scanning autofix, powered by GitHub Copilot and CodeQL
Starting today, code scanning autofix will be available in public beta for all GitHub Advanced Security customers. Powered by GitHub …
-
Gaining kernel code execution on an MTE-enabled Pixel 8
In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported to Arm on November 15, 2023 and was fixed …
-
RisePro stealer targets Github users in “gitgub” campaign
Github repositories: We identified at least 13 such repositories belonging to a RisePro stealer campaign that was named “gitgub” by the …
-
Keeping secrets out of public repositories
Accidental leaks of API keys, tokens, and other secrets risk security breaches, reputation damage, and legal liability at a mind-boggling …
-
How to stay safe from repo-jacking
“Repo-jacking” is a type of supply chain attack that has received attention for its potential impact on open source software. In this …
-
Build code security skills with the GitHub Secure Code Game
In March 2023, we launched the Secure Code Game, an in-repo learning experience where players fix intentionally vulnerable code, so …
-
Fixing security vulnerabilities with AI
In November 2023, we announced the launch of code scanning autofix, leveraging AI to suggest fixes for security vulnerabilities in users’ …
-
The architecture of SAST tools: An explainer for developers
In today’s age of shifting left—an approach to coding that integrates security checks earlier into the software development lifecycle …
-
GitHub’s Engineering Fundamentals program: How we deliver on availability, security, and accessibility
How do we ensure over 100 million users across the world have uninterrupted access to GitHub’s products and services on a platform that …