GitHub

GitHub Copilot Chat Flaw Leaked Data From Private Repositories

AI, Artificial Intelligence, Data leak, GitHub, GitHub Copilot, vulnerability /

GitHub Copilot Chat Flaw Leaked Data From Private Repositories 2025-10-09 at 14:04 By Ionut Arghire Hidden comments allowed full control over Copilot responses and leaked sensitive information and source code. The post GitHub Copilot Chat Flaw Leaked Data From Private Repositories appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

GitHub Copilot Chat Flaw Leaked Data From Private Repositories Read More »

DefectDojo: Open-source DevSecOps platform

DevSecOps, Don't miss, GitHub, News, open source, software /

DefectDojo: Open-source DevSecOps platform 2025-10-08 at 09:39 By Anamarija Pogorelec DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track and remove duplicate findings, handle remediation, and generate reports. Whether you’re a solo security practitioner or a CISO managing multiple teams, DefectDojo helps

React to this headline:

Loading spinner

DefectDojo: Open-source DevSecOps platform Read More »

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines

Artificial Intelligence, generative AI, GitHub, News, Protegrity, Python, software /

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines 2025-10-03 at 09:39 By Help Net Security Protegrity Developer Edition enables developers, data scientists, ML engineers, and security teams an easy way to add data protection into GenAI and unstructured data workflows, without the need for enterprise setup. Billed as the first enterprise-grade, governance-focused

React to this headline:

Loading spinner

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines Read More »

Hackers claim to have plundered Red Hat’s GitHub repos

data breach, data theft, Don't miss, GitHub, Hot stuff, News, Red Hat /

Hackers claim to have plundered Red Hat’s GitHub repos 2025-10-02 at 20:00 By Zeljka Zorz The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitHub and have exfiltrated data from over 28,000 internal repositories connected to the company’s consulting

React to this headline:

Loading spinner

Hackers claim to have plundered Red Hat’s GitHub repos Read More »

Chekov: Open-source static code analysis tool

cloud security, code analysis, cybersecurity, Don't miss, GitHub, News, open source, software /

Chekov: Open-source static code analysis tool 2025-10-02 at 09:18 By Sinisa Markovic Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition analysis (SCA) for

React to this headline:

Loading spinner

Chekov: Open-source static code analysis tool Read More »

Firezone: Open-source platform to securely manage remote access

cybersecurity, GitHub, News, open source, remote access, secure connectivity, software, VPN /

Firezone: Open-source platform to securely manage remote access 2025-09-29 at 08:36 By Sinisa Markovic Firezone is an open-source platform that helps organizations of any size manage secure remote access. Unlike most VPNs, it uses a least-privileged model, giving users only the access they need. Firezone was built to scale from the start, so you can

React to this headline:

Loading spinner

Firezone: Open-source platform to securely manage remote access Read More »

Delinea releases free open-source MCP server to secure AI agents

agentic AI, Artificial Intelligence, cybersecurity, Delinea, GitHub, News, open source, software /

Delinea releases free open-source MCP server to secure AI agents 2025-09-26 at 08:06 By Sinisa Markovic AI agents are becoming more common in the workplace, but giving them access to sensitive systems can be risky. Credentials often get stored in plain text, added to prompts, or passed around without proper oversight. Delinea wants to fix

React to this headline:

Loading spinner

Delinea releases free open-source MCP server to secure AI agents Read More »

GitHub Boosting Security in Response to NPM Supply Chain Attacks 

2FA, Application Security, authentication, GitHub, NPM, supply chain, Supply Chain Security /

GitHub Boosting Security in Response to NPM Supply Chain Attacks  2025-09-24 at 13:18 By Ionut Arghire GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing. The post GitHub Boosting Security in Response to NPM Supply Chain Attacks  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

GitHub Boosting Security in Response to NPM Supply Chain Attacks  Read More »

Nosey Parker: Open-source tool finds sensitive information in textual data and Git history

GitHub, News, open source, scanning, software /

Nosey Parker: Open-source tool finds sensitive information in textual data and Git history 2025-09-24 at 08:10 By Anamarija Pogorelec Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other

React to this headline:

Loading spinner

Nosey Parker: Open-source tool finds sensitive information in textual data and Git history Read More »

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Don't miss, GitHub, Hot stuff, LastPass, macOS, Malware, News, SEO, social engineering /

Malicious GitHub pages lure MacOS users into installing Atomic infostealer 2025-09-22 at 17:52 By Zeljka Zorz MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread

React to this headline:

Loading spinner

Malicious GitHub pages lure MacOS users into installing Atomic infostealer Read More »

Cybersecurity AI (CAI): Open-source framework for AI security

agentic AI, Artificial Intelligence, Don't miss, framework, GitHub, News, open source, software /

Cybersecurity AI (CAI): Open-source framework for AI security 2025-09-22 at 10:29 By Anamarija Pogorelec Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use AI

React to this headline:

Loading spinner

Cybersecurity AI (CAI): Open-source framework for AI security Read More »

Rayhunter: EFF releases open-source tool to detect cellular spying

Don't miss, EFF, GitHub, mobile devices, News, open source, Privacy, software, surveillance /

Rayhunter: EFF releases open-source tool to detect cellular spying 2025-09-17 at 08:12 By Anamarija Pogorelec The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI catchers or Stingrays, mimic cell towers to trick phones into connecting so they can collect

React to this headline:

Loading spinner

Rayhunter: EFF releases open-source tool to detect cellular spying Read More »

GitHub adds post-quantum protection for SSH access

access control, Don't miss, Encryption, GitHub, News, NIST, OpenSSH, quantum computing, SSH /

GitHub adds post-quantum protection for SSH access 2025-09-16 at 12:05 By Sinisa Markovic GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe. What GitHub is changing GitHub has introduced a new type of SSH key that combines

React to this headline:

Loading spinner

GitHub adds post-quantum protection for SSH access Read More »

Phishing campaign targets Rust developers

Don't miss, GitHub, Hot stuff, News, programming, rust, spear-phishing /

Phishing campaign targets Rust developers 2025-09-15 at 19:27 By Zeljka Zorz Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm phishing campaign. The phishing email The emails started hitting developers’ inboxes on Friday, minutes after they published a (new)

React to this headline:

Loading spinner

Phishing campaign targets Rust developers Read More »

Arkime: Open-source network analysis and packet capture system

GitHub, network analysis, News, open source, traffic monitoring /

Arkime: Open-source network analysis and packet capture system 2025-09-15 at 08:47 By Help Net Security Arkime is an open-source system for large-scale network analysis and packet capture. It works with your existing security tools to store and index network traffic in standard PCAP format, making it easy to search and access. The solution includes a

React to this headline:

Loading spinner

Arkime: Open-source network analysis and packet capture system Read More »

Garak: Open-source LLM vulnerability scanner

Artificial Intelligence, Don't miss, GitHub, LLMs, News, open source, scanner, software /

Garak: Open-source LLM vulnerability scanner 2025-09-10 at 09:00 By Help Net Security LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks for problems like hallucinations, prompt injections, jailbreaks, and toxic outputs. By running

React to this headline:

Loading spinner

Garak: Open-source LLM vulnerability scanner Read More »

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

Application Security, GhostAction, GitHub, secrets sprawl, Supply Chain Security /

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets 2025-09-08 at 16:20 By Eduard Kovacs A supply chain attack called GhostAction has enabled threat actors to steal secrets and exploit them. The post GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets Read More »

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack

GitHub, S1ngularity, secrets sprawl, supply chain, Supply Chain Security /

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack 2025-09-08 at 13:46 By Ionut Arghire The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack. The post Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack Read More »

Scroll to Top