GitHub details upcoming changes to improve security in wake of Shai-Hulud worm in npm ecosystem

In response to the recent supply chain attack in the JavaScript package manager npm, GitHub has made a few changes that will ...

GitHub now supports ‘Sign in with Apple’ for new and existing accounts

Since 2019, Apple has offered “Sign in with Apple,” a privacy-focused alternative to social logins like Google or Facebook. The feature allows users to create and sign in to apps, services, platforms, ...
Bleeping Computer

GitHub expands security tools after 39 million secrets leaked in 2024

GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...
InfoQ

How GitHub Leverages CodeQL for Security

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Kenneth Harris, a NASA veteran who worked on ...
InfoWorld

GitHub upgrades tooling to help developers stop leaking secrets

Over 39 million API keys, credentials, and other secrets leaked onto GitHub’s platform last year, but an update to its scanning tool could help stop that. The widely used cloud-based version-control ...
Visual Studio Magazine

Hardening CI/CD: Essential Strategies to Mitigate Security Risks

As CI/CD pipelines become foundational to modern software development, they also become high-value targets for attackers.