The Register on MSN
GitHub moves to tighten npm security amid phishing, malware plague
Hundreds of compromised packages pulled as registry shifts to 2FA and trusted publishing GitHub, which owns the npm registry ...
GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...
Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent compromise of Josh Junon (Qix), the maintainer of 18 NPM packages that have ...
GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
In response to the recent supply chain attack in the JavaScript package manager npm, GitHub has made a few changes that will ...
Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Whether directly or indirectly, nearly all organizations depend on ...
Today, at the GitHub Universe developer conference, GitHub announced the launch of a new community program called Security Lab that brings together security researchers from different organizations to ...
GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords. GitHub, the ubiquitous host for ...
Over 39 million API keys, credentials, and other secrets leaked onto GitHub’s platform last year, but an update to its scanning tool could help stop that. The widely used cloud-based version-control ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback