Tag: Repository
-
Researchers Claim Anyone Can Access Deleted, Private GitHub Repository Data
Cybersecurity researchers have revealed a GitHub design flaw that allows access to deleted and private repository data. Learn how the …
-
GitHub Restores Access to XZ Utils Repository
A week after finding a malicious backdoor, GitHub has safely restored access to the XZ Utils repo for developers …
-
OpenSSF and CISA partner on Principles for Package Repository Security
According to the OpenSSF, package repositories are a critical point in the open source ecosystem for either allowing or preventing attacks. …
-
Presentation: Implementing OSSF Scorecards Across an Organization
Transcript Swan: Welcome to implementing OpenSSF Scorecards across the …
-
OpenSSF Launches Malicious Packages Repository
The repository has already amassed over 15,000 reports of malicious packages, drawing data from various sources, including the OpenSSF …
-
GitHub Repository Rules are now generally available
Protected branches have been around for a while, and we’ve made numerous improvements over time. We’ve added new rules to protect …
-
PyPI Repository temporarily suspends user sign-ups and package uploads due to ongoing attacks
The Python Package Index (PyPI) maintainers have temporarily disabled the sign up and package upload processes due to an ongoing attack. …
-
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have …
-
Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised
PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack …
-
Researchers Report Supply Chain Vulnerability in Packagist PHP Repository
Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that …
-
Open Source Repository Attacks Soar 700% in Three Years
The volume of malicious activity targeting upstream open source code repositories has hit triple-digit growth over the past three years, …
-
ActiveState Artifact Repository reduces the risk of securing Python supply chain
ActiveState releases ActiveState Artifact Repository to enable organizations to securely build Python dependencies directly from source …