Bleeping Computer

GitHub rolls out free secret scanning for all public repositories

GitHub is rolling out support for the free scanning of exposed secrets (such as credentials and auth tokens) to all public repositories on its code hosting platform. Secret scanning is a security ...
TechRepublic

GitHub offers secret scanning for free

The open source software development service has made it easier for developers using its public repositories to keep coding secrets and tokens close to the chest. Image: prima91/Adobe Stock ...
CSO Online

Contractor’s public GitHub account exposed GovCloud and CISA credentials

This kind of exposure happens with alarming frequency,’ said an expert; here’s what CSOs and CIOs should do to protect ...
Tech Times

Lawmakers Demand Answers as CISA Scrambles to Contain Catastrophic GitHub Credential Leak

CISA GitHub credential leak exposed AWS GovCloud admin keys, plaintext passwords, and an RSA private key for six months via a ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Many enterprises use GitHub Action Secrets to store and protect sensitive information such as credentials, API keys, and tokens used in CI/CD workflows. These private repositories are widely assumed ...
Dark Reading

CISA Exposes Secrets, Credentials in 'Private' Repo

CISA," the repo was publicly accessible online since Nov. 13, 2025. In a blog post, Valadon said he first discovered the ...
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...