Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say

Security researchers say 5,500 GitHub repositories have been affected by the attack.
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Memeburn

Microsoft Open-Source Tools Hacked to Steal AI Developers’ Passwords

Microsoft GitHub hack hit open-source AI tools, exposing developer passwords and cloud credentials. Here’s why SA tech teams ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
InfoWorld

Open Repos provides code metrics on open source projects

GitClear, maker of a toolkit for generating software project performance metrics, has publicly released Open Repos, a free tool to make it easier for contributors to participate in open source ...