ZDNet

GitHub: Here's how we're changing our rules around malware and software vulnerability research

Microsoft-owned GitHub has updated its policies on sharing malware and exploits on the site to better support security researchers sharing so-called "dual-use" software – or software that can be used ...
Infosecurity-magazine.com

GitHub Adds Features to Automate Vulnerability Code Scanning

Hosting service GitHub has added a new feature to automatically set up code scanning on repositories. Called 'default setup,' the novel capability simplifies starting ...
Threat Post

Bug In Git Opens Developer Systems Up to Attack

A serious vulnerability was patched by developers behind Git that closes the door on a flaw that could lead to arbitrary code execution on a developer’s system. Git repository hosting services GitHub, ...
InfoWorld

GitHub Copilot update includes security vulnerability filtering

GitHub says the controversial AI-assisted coding tool is now being used by more than 400 organizations to increase developer productivity and improve code quality. GitHub Copilot, the controversial ...
CSOonline

Bazel PoC attack highlights transitive vulnerability risk in custom GitHub Actions

A dependent action in Bazel could permit malicious code injection into a GitHub Actions workflow, highlighting risk from third-party dependencies. Security researchers demonstrated a software ...
Bleeping Computer

Git Project Patches Remote Code Execution Vulnerability in Git

The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, Git Desktop, and Atom that could allow malicious repositories to remotely execute ...

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days ...