A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

GitHub, the code hosting platform used by tens of millions of software developers around the world, announced today that all users who upload code to the site will need to enable one or more forms of ...

Community driven content discussing all aspects of software development from DevOps to design patterns. I can’t help but think GitHub went a little too far with its removal of password based ...

GitHub wants you to protect your account with the right type of authentication. GitHub is now prompting developers and administrators who use the site to secure their accounts with two-factor ...

Here is some news that is both straightforward and still a long time out but nevertheless important: by the end of 2023, GitHub will require all users who contribute ...

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

The tool gathered over 29,000 downloads before the malicious npm package was identified ...

You’ve heard the advice for years: Turn on two-factor authentication everywhere it’s offered. It’s long been clear that using only a username and password to ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Sometime in early 2026, a software developer did what millions of programmers do every week: updated a dependency. The ...

Following every major outage there is discussion of GitHub alternatives, with some organizations moving to self-hosted code repositories and/or CI/CD. GitHub is sticky though, par ...