SecurityWeek

GitHub Copilot Chat Flaw Leaked Data From Private Repositories

A vulnerability in the GitHub Copilot Chat AI assistant led to sensitive data leakage and full control over Copilot’s responses.

In internal meeting, Microsoft execs share a plan to ward off AI coding rivals by overhauling GitHub

"GitHub is just not the place anymore where developers are storing code," one top Microsoft executive warned.

GitHub Copilot Chat turns blabbermouth with crafty prompt injection attack

Researcher Omer Mayraz of Legit Security disclosed a critical vulnerability, dubbed CamoLeak, that could be used to trick ...
VentureBeat

GitHub opens its vulnerabilities Advisory Database to community submissions

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More GitHub is opening the GitHub Advisory Database to community submissions, ...
Cryptopolitan on MSN

Hackers target South American crypto users on GitHub with credential stealing Trojan

Hackers are now stealing crypto credentials on GitHub with a banking Trojan called Astaroth. The development was revealed ...
Bleeping Computer

GitHub can now auto-block commits containing API keys, auth tokens

GitHub has announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically. Secret scanning is ...
ZDNet

GitHub calls for contributions to new cybersecurity Advisory Database

GitHub announced on Tuesday that their Advisory Database for security data is now open to contributions from experts. GitHub senior product manager Kate Catlin explained that the company has teams of ...
TechCrunch

JFrog deepens its partnership with GitHub, launches runtime security service

Earlier this year, software supply chain platform (and binary specialist) JFrog announced a partnership with GitHub that, among other things, allowed developers and the teams that support them to ...
SD Times

GitHub introduces security campaigns to help developers reduce security debt

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
TechCrunch

GitHub’s latest AI tool can automatically fix code vulnerabilities

It’s a bad day for bugs. Earlier today, Sentry announced its AI Autofix feature for debugging production code and now, a few hours later, GitHub is launching the first beta of its code-scanning ...
InfoQ

How GitHub Leverages CodeQL for Security

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Kenneth Harris, a NASA veteran who worked on ...

Red Hat confirms security incident after hackers breach GitLab instance

An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data across 28,000 internal development respositories belonging to Red Hat, with the company ...