Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house. The company has confirmed that attackers accessed roughly 3,800 of its ...
Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were hacked this month. According to a 'confidential' ...
A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 ...
Use these tools to find your company's exposed secrets in repositories such as GitLab, GitHub, or Google Cloud Build before attackers do. Secrets stored in Git repositories have been a thorn in the ...
Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results