Alan Turing Institute researchers made GitHub Copilot produce harmful content it refuses in chat, by spreading the request across a coding workflow.
Cybersecurity firm Novee has identified a GitHub Actions workflow-chain risk that can expose secrets even when checks pass, ...
Noma Labs tricked GitHub's AI agent into leaking private repositories with a crafted issue. The prompt-injection flaw, GitLost, has no code fix.
Federal government has directed key digital regulators to suspend the implementation of new rules affecting internet platforms and online intermediaries while it develops a unified national regulatory ...
The flaw allows an unauthenticated attacker to craft a GitHub Issue in an org's public repository and then silently pull data ...
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't ...
Kaspersky GReAT warns developers of emerging cybersecurity threats; Stay informed and secure your applications against evolving cyber risks.
The researchers have discovered 8 repositories with critical misconfigurations that could lead to supply chain compromise ...
Kaspersky’s Global Research and Analysis Team (GReAT) has conducted a major review of the GitHub Actions workflows within top-starred repositories. Leveraging newly introduced Kaspersky Container ...
Cybersecurity researchers at Kaspersky have identified more than 250,000 potential security misconfigurations across GitHub ...
A variant of the infamous Shai-Hulud worm wreaked havoc on Microsoft's code repositories, triggering disruptions to CI/CD workflows and heightening concerns about increasing software supply chain ...
Microsoft’s GitHub temporarily disabled over 70 repositories after they were reportedly compromised by a worm in the latest open source supply chain attack. The code shack took down 73 repos within ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results