InfoQ

GitHub Actions Custom Runner Images Reach General Availability

GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview ...
Dark Reading

AI-Assisted Supply Chain Attack Targets GitHub

PRT-scan is the second campaign in recent months where a threat actor has leveraged AI for automated targeting of a ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

IntelliJ IDEA 2026.1: Free basic support for JavaScript and TypeScript

Developers can now use all ACP-compatible AI agents and receive basic features for JavaScript and TypeScript for free – without an Ultimate subscription.
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...
Bleeping Computer

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. Secret scanners are specialized utilities that ...
WinBuzzer

Windows Zero-Day Published on Github as Microsoft Fails to Act

A researcher has published a Windows zero-day exploit called BlueHammer on GitHub after Microsoft's Security Response Center ...