Redmond Magazine

Microsoft Sentinel Adds GitHub Code Repository Monitoring

Microsoft announced on Wednesday that it's now possible to use Microsoft Sentinel to continuously monitor GitHub developer repositories for possible adverse activities. Sentinel is Microsoft's ...
ZDNet

Git repository vulnerability leads to remote code execution attacks

A severe vulnerability has been patched in Git software source code to prevent remote code execution attacks being launched at users. The bug, which is industry-wide, was disclosed on Tuesday. Git, ...
Tom's Hardware on MSN

Invisible malicious code attacks 151 GitHub repos and VS Code

The technique exploits Unicode Private Use Area characters, which render as zero-width whitespace in virtually every code ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
WinBuzzer

Trivy Breached Twice in a Month via GitHub Actions

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...