VentureBeat

Microsoft adds 'critical' feature for GitHub security

A deeper integration between Microsoft Sentinel and GitHub is a win for application security, marking a major step toward helping companies address security challenges in the software supply chain, ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...
Techzine Europe

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign is currently targeting developers via GitHub. Attackers are exploiting the Discussions feature to spread fake security ...
Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

Some of the most significant software supply chain incidents over the past year were carried out by threat actors who exploited vulnerabilities in GitHub, the global repository widely used by software ...
SD Times

GitHub details upcoming changes to improve security in wake of Shai-Hulud worm in npm ecosystem

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

GitHub Store 1.7.0: Updates without click, security without root

Automatic updates, silent install, app-repo linking and signature verification: GitHub Store becomes a power-user tool with ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
Bitdefender

Fake Claude code leak on GitHub pushes Vidar malware

Fake Claude Code leak repos on GitHub are pushing Vidar malware at users hunting for Anthropic’s exposed source code.