A massive, self-replicating GlassWorm supply-chain attack has compromised hundreds of code repositories and extensions on GitHub, npm, and Open VSX.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

The technique exploits Unicode Private Use Area characters, which render as zero-width whitespace in virtually every code ...

Okta Inc. has experienced a data breach in which hackers accessed some of its source code repositories, BleepingComputer reported today. Nasdaq-listed Okta provides an identity management platform ...

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...

OpenAI reportedly developing internal code repository following GitHub outages ...

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...

New release integrates automated security scanning, AI-powered remediation, and GitHub-native workflows for enterprise ...

YARMOUTH, Maine – It’s been a hard year for security at identity and access management company Okta, with its most recent data breach incident causing the company to lose its source code to threat ...

At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain. The Octopus Scanner malware, which targets the Apache ...

The attacks started earlier today, appear to be coordinated across Git hosting services (GitHub, Bitbucket, GitLab), and it is still unclear how they are happening. What it is known is that the hacker ...