Bleeping Computer

GitHub accounts stolen in ongoing phishing attacks

GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page. Besides taking over their ...

GitHub tightens npm security with mandatory 2FA, access tokens

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...

This worrying Git flaw could lead to users leaking credentials

Security researcher finds related attacks and dubbed them Clone2Leak This allowed threat actors to leak credentials through ...
Hosted on MSN

Git Tools Patched to Address Credential Vulnerabilities: Update Now

Two recent security issues with Git and its related tools have been fixed, so users should update their software. The vulnerabilities, CVE-2024-53263 and CVE-2024-53858, involve issues with credential ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...