Bleeping Computer

Dev rejects CVE severity, makes his GitHub repo read-only

The popular open source project, 'ip' recently had its GitHub repository archived, or made "read-only" by its developer. Fedor Indutny, due to a CVE report filed against his project, started getting ...
Bleeping Computer

Clever 'GitHub Scanner' campaign abusing repos to push malware

A clever threat campaign is abusing GitHub repositories to distribute the Lumma Stealer password-stealing malware targeting users who frequent an open source project repository or are subscribed to ...
InfoQ

MinIO GitHub Repository in Maintenance Mode: What's Next for the Open Source Object Storage?

After a contentious license change and the removal of administrator functionalities from the console, the company behind the ...
ZDNet

How to move your codebase into GitHub for analysis by ChatGPT Deep Research - and why you should

A few days ago, I showed you an amazing new ChatGPT feature available to paying users. Plus, Pro, and Team tier users can now point Deep Research at an entire GitHub repo and get back analysis reports ...
Dark Reading

Millions of Malicious Repositories Flood GitHub

Cyberattackers in just the last few months have registered more than 100,000 — but by some estimates more than a million — malicious copycat repositories on GitHub. The "repo confusion" scheme is ...