Morning Overview on MSN

GitHub’s critical flaw let anyone with push access execute code on servers holding millions of private repos

A single git push command. That is all it would have taken for someone with write access to a repository on GitHub Enterprise ...
Morning Overview on MSN

Microsoft patches GitHub’s worst vulnerability in years within two hours of disclosure — no exploitation found

A critical remote code execution flaw in GitHub was patched by Microsoft in roughly two hours after public disclosure, ...
Bleeping Computer

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...

"GitHub is failing me, every single day, and it is personal": After Xbox and Windows, now GITHUB is in crisis — Microsoft, what are you doing?

One of GitHub's most staple contributors announced they are abandoning ship due to constant outages. GitHub's COO responds, ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
GovInfoSecurity

Trellix Discloses Source Code Hack

Trellix disclosed over the weekend that hackers found their way to its source code repository. The company said that ...
Bleeping Computer

Target employees confirm leaked source code is authentic

Multiple current and former Target employees have reached out to BleepingComputer to confirm that the source code and documentation shared by a threat actor online match real internal systems. A ...
TechCrunch

GitHub’s latest AI tool can automatically fix code vulnerabilities

It’s a bad day for bugs. Earlier today, Sentry announced its AI Autofix feature for debugging production code and now, a few hours later, GitHub is launching the first beta of its code-scanning ...
Ars Technica

Winamp deletes entire GitHub source code repo after a rocky few weeks

Winamp, through its Belgian owner Llama Group, posted the source for its “Legacy Player Code” on September 24 so that developers could “contribute their expertise, ideas, and passion to help this ...
Neowin

Id Publishes Quake II 2023 Source Code on Github

Source code for Quake II's 2023 rerelease is now available for all. The classic gameplay brings modern updates and is as modder friendly as Doom. The code is GPL-licensed and on Github now. The 2023 ...