GitHub

GitHub | News, how-tos, features, reviews, and videos

Latest from today

news
Image

GitHub admits major source code leak after 3,800 internal repositories breached

GitHub blamed the latest in a growing list of hacks claimed by TeamPCP on a poisoned VS Code extension.

By John E. Dunn
4 mins
Code SecurityGitHubVersion Control Systems
news
Image

GitHub scales back bug bounties, reminds users security is their responsibility too

By Anirban Ghoshal
5 mins
BugsGitHubVersion Control Systems
news
Image

GitHub shifts Copilot to usage-based billing, signaling a new cost model for enterprise AI tools

By Gyana Swain
5 mins
Artificial IntelligenceGitHubSoftware Development
news

GitHub adds Stacked PRs to speed complex code reviews

By Anirban Ghoshal
7 mins
Development ApproachesDevelopment ToolsGitHub
news

GitHub readies agents to automate repository maintenance

By Anirban Ghoshal
6 mins
DevopsGitHubVersion Control Systems
news

GitHub previews support for Claude and Codex coding agents

By Paul Krill
2 mins
Development ToolsGenerative AIGitHub
opinion

Is AI killing open source?

By Matt Asay
8 mins
GitHubOpen SourceTechnology Industry
analysis

Building AI agents with the GitHub Copilot SDK

By Simon Bisson
8 mins
Development ToolsGitHubVersion Control Systems
news

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

By Howard Solomon
4 mins
Development ToolsGitHubJavaScript

Articles

news

Possible software supply chain attack through AWS CodeBuild service blunted

Researchers at Wiz, who discovered the hole, said it could have led to compromised AWS GitHub repositories.

By Howard Solomon
Jan 15, 2026 5 mins
Development ToolsGitHubSecurity
opinion

Why ‘boring’ VS Code keeps winning

Developer trust in tools and a reliable ecosystem are a hard combination to beat. Competing tools, like Google’s Antigravity, need to deliver more than innovation.

By Matt Asay
Jan 12, 2026 7 mins
DeveloperGitHubVisual Studio Code
news

Did your npm pipeline break today? Check your ‘classic’ tokens

A spate of supply chain attacks forces GitHub’s npm to revoke ‘classic’ tokens. Despite this, larger worries about developer account security remain.

By John E. Dunn
Dec 10, 2025 4 mins
Development ToolsGitHubVersion Control Systems
news

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud environments.

By Taryn Plumb
Dec 9, 2025 6 mins
Cloud SecurityGitHubSecurity
news

New Shai-Hulud worm spreading through npm, GitHub

The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, say researchers.

By Howard Solomon
Nov 24, 2025 7 mins
GitHubVersion Control SystemsVulnerabilities
opinion

How GitHub won software development

Collaborating on code used to be hard. Then Git made branching and merging easy, and GitHub took care of the rest.

By Nick Hodges
Oct 8, 2025 5 mins
DevopsOpen SourceVersion Control Systems
news

QR codes become the vehicle for malware in new technique

A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially hiding in plain sight in embedded QR codes.

By Taryn Plumb
Sep 23, 2025 4 mins
Development ToolsMalwareVersion Control Systems
opinion

What GitHub can tell us about the future of open source

The numbers of stars, forks, and commits make a strong case that open source is the basis for everything from containers and devops to machine learning and AI.

By Matt Asay
Apr 21, 2025 7 mins
DevopsMachine LearningOpen Source
news

GitHub upgrades tooling to help developers stop leaking secrets

Developers get free and targeted advanced secret scanning features on GitHub to protect organizations from exposed secrets.

By Shweta Sharma
Apr 3, 2025 3 mins
Data and Information SecuritySecurityVersion Control Systems
news

Thousands of open source projects at risk from hack of GitHub Actions tool

Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.

By Howard Solomon
Mar 17, 2025 5 mins
Data BreachVersion Control SystemsVulnerabilities
news

GitHub to unbundle Advanced Security

GitHub Secret Protection and GitHub Code Security will extend access to advanced code and secret scanning to organizations of all sizes.

By Paul Krill
Mar 12, 2025 2 mins
Application SecuritySoftware DevelopmentVersion Control Systems
analysis

3 takeaways from the Ultralytics AI Python library hack

The Ultralytics AI library hack points to critical vulnerabilities in the Python ecosystem—but not where you might think. Here's what developers need to know.

By Serdar Yegulalp
Dec 11, 2024 5 mins
Application SecurityPythonVersion Control Systems
View all

Resources

whitepaper

Simplifying Hybrid Cloud Security

In today’s evolving threat landscape, security must be built in—not bolted on.

The post Simplifying Hybrid Cloud Security appeared first on Whitepaper Repository -.

By Nutanix
22 May 2026
Cloud SecurityData and Information SecurityIT Operations
Image
whitepaper

Stop Managing Clusters and Start Managing the Fleet: The Full Stack Kubernetes Advantage

By Nutanix
22 May 2026
Business IT AlignmentCloud NativeIT Operations
Image
whitepaper

How IoT Remote Monitoring Created a Scalable Service Model for Septic System Infrastructure

By CalAmp
22 May 2026
Data ManagementDigital TransformationInnovation
Image
View all