The PyPI maintainers say a new phishing campaign is targeting Python project maintainers and aiming to steal credentials and compromise projects.
GitHub will require 2FA for all users who contribute code on the platform by the end of 2023.
A threat actor used stolen OAuth tokens for third-party integrators Heroku and Travis-CI to access and download private GitHub repositories belonging to dozens of companies.
Mike Hanley, CSO of GitHub, recently joined Dennis Fisher on the Decipher podcast to discuss the White House open source security summit in January, the Log4j response, and the challenges of helping millions of developers secure their projects.
Mike Hanley, CSO at GitHub and former VP of security at Duo Security, joins Dennis Fisher to talk about the open source security summit at the White House, the Log4j response, and how the tech industry can support the open source community.