Researchers have uncovered a sustained campaign using GitHub's public APIs and ghost accounts to profile enterprise software ...
The issue affects GitHub Agentic Workflows setups that read public input, hold private repo access, and can post output ...
Noma Labs tricked GitHub's AI agent into leaking private repositories with a crafted issue. The prompt-injection flaw, GitLost, has no code fix.
North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
The North Korean state-sponsored Lazarus advanced persistent threat (APT) group is back with yet another impersonation scam, this time posing as developers or recruiters with legitimate GitHub or ...
Cybersecurity firm Novee has identified a GitHub Actions workflow-chain risk that can expose secrets even when checks pass, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results