News

CSO Online8d
GitHub Actions attack renders even security-aware orgs vulnerable
Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by ...
Bleeping Computer1y
GitHub comments abused to push malware via Microsoft repo URLs - BleepingComputer
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.
Wired7y
A 1.3-Tbs DDoS Hit GitHub, the Largest Yet Recorded | WIRED
On Wednesday, at about 12:15 pm EST, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to ...