The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.

How GitHub Is Securing the Software Supply Chain

In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the ...

GitHub details upcoming changes to improve security in wake of Shai-Hulud worm in npm ecosystem

In response to the recent supply chain attack in the JavaScript package manager npm, GitHub has made a few changes that will ...