Bleeping Computer

GitHub repos bombarded by info-stealing commits masked as Dependabot

Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers. The campaign unfolded in July ...
The Next Web

GitHub is making 2FA mandatory for devs — here’s how to enable it

GitHub is increasing the security of repositories by requiring all developers to enable two-factor authentication by the end of 2023. The company’s directive is ...
TechRadar

GitHub update will help you squash the hidden security bugs in your code

GitHub will now send a Dependabot alert for vulnerable GitHub Actions which could make it easier to stay up to date and fix security vulnerabilities in your actions workflows. GitHub Actions is the ...