Researchers have uncovered a sustained campaign using GitHub's public APIs and ghost accounts to profile enterprise software ...
The issue affects GitHub Agentic Workflows setups that read public input, hold private repo access, and can post output ...
Maximize development velocity and eliminate operations toil with this indie-favorite serverless, event-driven, no-ops stack.
A prompt injection attack can trick GitHub’s preview Agentic Workflows into retrieving content from private repositories and ...
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to ...
Research shows signed Git commits can be re-encoded into fresh GitHub Verified hashes without changing files or breaking ...
Weak security controls around the use of public GitHub code repositories allowed a contractor for the Cybersecurity and ...
Attackers created at least 292 fake GitHub repositories that impersonated developer tools and redirected users to ...
OpenObserve, the open source, unified observability platform, today announced that its flagship project has surpassed 20,000 stars on GitHub, placing it among the most popular open source ...
HalluSquatting exploits AI coding assistants that hallucinate fake repository names, letting attackers register those names ...
A good 290 GitHub repositories, allegedly from security vendors, tool manufacturers, and other companies, are distributing ...
Your company likely uses hundreds of SaaS apps, but your security team is probably blind to who actually has access to them.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results