Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains. The "critical exploitable pattern" has ...
The security defects allow unauthenticated users to take control of the open source software supply chain. A systemic class of exploitable CI/CD vulnerabilities in the open source software supply ...
New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an ...
After publicly touting pull request limits as a way to cut maintainer noise, GitHub is taking the same idea further with a new setting that lets repository admins restrict issue creation to ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, and credential risk.
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
pgEdge’s ColdFront could appeal to enterprises looking to reduce storage costs without sacrificing application compatibility or the ability to modify historical data. Managing Rural Health ...
WAL-E is obsolete. Though it has been used recently, nobody routinely reviews patches or fixes regressions that are occasionally introduced by changing libraries and Python versions. It is also not ...
We are currently re-evaluating what content belongs in github.com/pulumi/templates, how it should be organized, and how it should be maintained. During this ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results