Immediately after the 2011 break-in, the Linux Foundation began "mandating a fairly strict authentication policy for those developers who commit directly to the git repositories housing the Linux ...

“It is important to keep in mind that courts have found that the mere intent to keep the document confidential is insufficient.” Recently, I met with a potential client to discuss key points that ...

A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 ...

Home improvement giant Home Depot ($HD) recently discovered a very serious problem lurking in its internal systems. It was the kind of problem ...

Use these tools to find your company's exposed secrets in repositories such as GitLab, GitHub, or Google Cloud Build before attackers do. Secrets stored in Git repositories have been a thorn in the ...

A hacker going by the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, in a typosquatting effort to impersonate legitimate projects — thus ...

Thanks to a combination of sophisticated methodology and social engineering, this particular attack seems to be very difficult to stop. When you purchase through links on our site, we may earn an ...

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...

A recently announced SHA-1 collision attack has the potential to break code repositories that use the Subversion (SVN) revision control system. The first victim was the repository for the WebKit ...

The Git Project has disclosed the existence of a severe vulnerability which can lead to the execution of arbitrary code. The vulnerability, CVE-2018-17456, was disclosed on Friday. The ...