GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, including internal source code.

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

A massive supply chain attack dubbed Megalodon has infected over 5,500 GitHub repositories with credential-stealing malware, ...

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

Multiple current and former Target employees have reached out to BleepingComputer to confirm that the source code and documentation shared by a threat actor online match real internal systems. A ...

Code sharing platform GitHub, which has over 150 million registered developers worldwide, announced on Wednesday that an unauthorised actor had gained access to its internal systems. A threat actor ...

Developers who rely on GitHub Copilot inside Visual Studio Code now have a new option built entirely by Microsoft. The ...