New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
NewsBytes

Why Microsoft has shut down code repositories on GitHub

Hackers infiltrated Microsoft's open-source projects on GitHub, embedding password-stealing malware into the code, prompting ...
The Hacker News

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...

开源AI大乱斗:Hermes能干掉OpenClaw吗?

今年四月,一位资深“养虾人”(OpenClaw用户的自称)在社群里说了这么一句。这话像块石头,在圈子里激起了不少水花。但你发现没?这么说的,不止他一个。 差不多同时,GitHub的全球趋势榜榜首换人了。Reddit、X、还有中文技术论坛里,“从OpenClaw换到Hermes”的教程和体验帖也开始刷屏。它用两个月,狂揽6.4万GitHub星,最猛的时候一天涨6400颗星。它就是Nous Resea ...
Morning Overview on MSN

GitHub confirms TeamPCP walked off with 3,800 internal repositories — and the gang is ...

A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house. The company has confirmed that attackers accessed roughly 3,800 of its ...
Developer Tech

GitHub brings agentic workflows to GitHub Actions

GitHub has released Agentic Workflows in public preview, bringing coding agents into GitHub Actions for automated engineering ...
Computing

Microsoft’s GitHub repositories taken offline amid Miasma supply chain attack

Dozens of Microsoft-owned software repositories have been taken offline following a major cyberattack linked to the rapidly ...
The Hacker News

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and ...