News

Hackers breach Toptal GitHub account, publish malicious npm packages
Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node ...
Bleeping Computer8mon
GitHub projects targeted with malicious commits to frame researcher
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and ...
CSOonline1mon
GitHub hit by a sophisticated malware campaign as ‘Banana Squad ...
Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising fresh alarms for OSS supply chain security. A threat group dubbed ...
InfoWorld4mon
Thousands of open source projects at risk from hack of GitHub Actions ...
Thousands of open source projects at risk from hack of GitHub Actions tool. news. Mar 17, 2025 5 mins. ... GitHub and other open source code repositories like NPM, GitLab, ...
The Verge2y
Twitter says source code was leaked on GitHub, now it’s trying to ...
Parts of Twitter’s source code were recently leaked online on GitHub, but were taken down after the social media platform filed a DMCA request. The request notes that the leaked information ...
CSOonline2y
Most popular generative AI projects on GitHub are the least secure
For example, there are currently more than 30,000 open-source projects on GitHub using the GPT-3.5 family of LLMs, ... source code risk assessment, and build process risk assessment.