Today, at the GitHub Universe developer conference, GitHub announced the launch of a new community program called Security Lab that brings together security researchers from different organizations to ...

Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...

GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...

At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open ...

Earlier this year, software supply chain platform (and binary specialist) JFrog announced a partnership with GitHub that, among other things, allowed developers and the teams that support them to ...

A security researcher tried to alert Home Depot to the security lapse exposing its back-end GitHub source code repos and ...

GitHub, which owns the npm registry for JavaScript packages, says it is tightening security in response to recent attacks.… September has been a bad month for npm with phishing attacks on package ...

GitHub has added support for securing SSH Git operations using FIDO2 security keys for added protection from account takeover attempts. Researchers at North Carolina State University (NCSU) found [PDF ...

GitHub is investing in tools and educational measures meant to stop developers from leaking secrets. CSO Mike Hanley said the firm is continuing to develop tools that automatically scan for leaks. The ...

GitHub is rolling out new tools to help developers on its platform avoid security blunders. Over 99% of security incidents on GitHub stem from developer mistakes, a product head told Insider. GitHub ...