FedScoop

New GitHub authorization expands agency access to open source resources

Government IT offices now have access to a vast range of open source software resources and developers since GitHub gained FedRAMP operating authority for its Enterprise Cloud, according to a new ...
GIGAZINE

It's by design that anyone can access deleted or private repositories on GitHub.

GitHub allows anyone to access forks and repositories that have been deleted or set to private, and this behavior is by design and not a flaw, open source security firm Truffle Security said in a blog ...
heise online

Blackmailers take over GitHub repositories, grab data and delete content

Attackers have taken over GitHub repositories, copied their contents and then deleted them. The maintainers only found a readme file in the renamed repositories, which prompted them to contact the ...
Bleeping Computer

A mishandled GitHub token exposed Mercedes-Benz source code

A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz is a prestigious German car, bus, and truck ...
Ars Technica

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...