Bleeping Computer

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...
Wired

A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by ...
Arabian Post on MSN

AI-driven GitHub attack hits research community

A coordinated cyber campaign using artificial intelligence to disguise malicious code is targeting researchers, developers ...
Bleeping Computer

Hackers steal 15,000 cloud credentials from exposed Git config files

A large-scale malicious operation named "EmeraldWhale" scanned for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. According to ...
9to5Mac

GitHub now supports ‘Sign in with Apple’ for new and existing accounts

You can now use your Apple Account for new and existing accounts on GitHub. Here’s how it works. Since 2019, Apple has offered “Sign in with Apple,” a privacy-focused alternative to social logins like ...