Bleeping Computer

GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI

GitHub security team has identified several high-severity vulnerabilities in npm packages, "tar" and "@npmcli/arborist," used by npm CLI. The tar package receives 20 million weekly downloads on ...
Redmond Magazine

GitHub Expands Copilot to Teams, Strengthens npm Security and Adds Enterprise Usage Tools

GitHub rolled out several updates this week aimed at developer collaboration, open source security and enterprise billing. At the center is a new public preview of the GitHub Copilot app for Microsoft ...
Dark Reading

GitHub Aims to Secure Supply Chain as NPM Hacks Ramp Up

GitHub this week committed to a more secure NPM supply chain in the wake of a handful of attacks causing widespread compromise. On Sept. 22, GitHub senior director of security research Xavier ...