PC World

GitHub bans weak passwords after brute-force attack results in compromised accounts

Popular source code repository service GitHub has recently been hit by a brute-force password-guessing attack that successfully compromised some accounts. “We sent an email to users with compromised ...
Ars Technica

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...
Bleeping Computer

Hackers stealing GitHub accounts using fake CircleCI notifications

GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform. The ...
Bleeping Computer

GitHub Service Abused by Attackers to Host Phishing Kits

Malicious actors hosted phishing kits on the web-based GitHub code hosting platform by abusing the service's free repositories to deliver them to their targets via github.io domains. This technique ...
GizChina

GitHub officially Passkey service launched

GitHub started testing Passkey in July this year. According to its official blog, GitHub has officially launched the Passkey service. All GitHub users can enable Passkey in their account security ...