The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house. The company has confirmed that attackers accessed roughly 3,800 of its ...

Software developers working with command-line tools and large codebases now have a new option from Microsoft: ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

TeamPCP continues its attack on open source projects, now apparently asking for $50,000.

Use these tools to find your company's exposed secrets in repositories such as GitLab, GitHub, or Google Cloud Build before attackers do. Secrets stored in Git repositories have been a thorn in the ...

A hacker going by the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, in a typosquatting effort to impersonate legitimate projects — thus ...

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...

Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were hacked this month. According to a 'confidential' ...

A flaw in Anthropic’s Claude Code GitHub Action allowed a malicious GitHub issue from a bot actor to trigger workflows and ...