A malicious npm package targeting Anthropic's Claude users was uncovered after the attacker accidentally leaked their own GitHub private token in AI-generated code.
A major GitHub Actions outage left developers unable to deploy code for hours, compounded by an alarming error message claiming accounts were suspended.
The US Cybersecurity and Infrastructure Security Agency (CISA) accidentally left a private repository public, exposing sensitive credentials and infrastructure keys.
A sophisticated automated campaign dubbed 'Megalodon' has targeted thousands of GitHub repositories to steal cloud credentials and CI/CD secrets.
Microsoft has released the earliest known source code for DOS, including 86-DOS 1.00, transcribed from decades-old paper printouts.
The US Cybersecurity and Infrastructure Security Agency (CISA) left a public GitHub repository containing plain-text passwords and AWS keys open for six months.
A sophisticated automated campaign dubbed 'Megalodon' has targeted thousands of GitHub repositories, stealing cloud credentials via poisoned CI/CD pipelines.
A public GitHub repository belonging to CISA exposed AWS credentials, Kubernetes manifests, and plain-text passwords for half a year before being taken down.
A massive automated campaign dubbed Megalodon has targeted thousands of GitHub repositories, injecting malware designed to exfiltrate AWS, GCP, and Azure credentials.
A new automated campaign dubbed 'Megalodon' has targeted thousands of GitHub repositories, stealing cloud secrets and CI/CD credentials.