Wired

A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by ...
CSOonline

GitHub accounts targeted with fake security alerts

In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to authorize a malicious OAuth application. Successful execution of the Click-fix ...
VentureBeat

GitHub brings centralized, granular controls to enterprise user accounts

Let the OSS Enterprise newsletter guide your open source journey! Sign up here. GitHub has formally launched Enterprise Managed Users (EMUs), a new type of user account for GitHub Enterprise Cloud ...
CoinTelegraph

GitHub suspends accounts of Russian developers linked to sanctioned firms

Major developer platform GitHub has reportedly blocked more than a dozen accounts of Russian developers associated with organizations sanctioned by the United States government. The sanctioned ...

Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM ...