Aikido Security says attackers injected malware into 18 npm packages with 2.6B+ total weekly downloads, after compromising a maintainer's account via phishing
Popular npm packages debug and chalk were recently compromised, exposing developers and organizations to potential malware risk. … Charlie Eriksen : Hello. It feels like the first Monday of the fall ...
Big names like Kelsey Hightower pull out of the DevTernity conference after allegations its founder made fake profiles of female speakers to boost diversity
Anna Boyko, listed as a staff engineer at Coinbase, and Natalie Stadler, a “software craftswoman” at Coinbase—were included on the site as speakers but appear to not exist in real life. Neither have ...
Twitch acknowledges a “breach” after a 4chan user leaks its source code, creator payouts from 2019-2021, proprietary SDKs, internal AWS services, and more
The entire code base leaked online. Now what? Alex Calvin / PC Games Insider : Twitch confirms it has been the victim of a massive hack Nathan Grayson / Washington Post : Massive Twitch hack reveals...
GitHub adds security key support for SSH Git operations, as it continues its plan to remove password support for Git operations later this year
Support has been added to bolster defense against account compromise. — GitHub has announced support for security keys to prevent account compromise in SSH Git operations.
Nissan confirms that source code of its North America mobile apps and internal tools was leaked online after the company misconfigured one of its Git servers
Nissan was allegedly running a Bitbucket Git server with the default credentials of admin/admin.
Some Git source code repositories, including at least 392 from GitHub, have been wiped and replaced with a ransom demand in a possible coordinated attack
Hacker wipes Git repos and asks for Bitcoin. Gives victims 10 days and threatens to release the code.
Ubiquitous code repository project Git patches two flaws, including one letting an attacker execute code on systems that recursively cloned a malicious Git repo
Catalin Cimpanu / BleepingComputer.com :
Vulnerability in Git, Mercurial allows for arbitrary code execution on OSX, Windows; affects Visual Studio, Github client app, among others
Junio C Hamano / Gmane :