The Hacker News

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx data surfaced after March 23, 2026 supply chain attack, prompting repository lockdown and investigation, raising ...
Hosted on MSN

Criminals are using a dangerous fake free VPN to spread malware via GitHub - here's how to stay safe

GitHub repositories host malware disguised as tools that gamers, and privacy-seekers are likely to download The fake VPN campaign drops malware straight into AppData and hides it from plain view ...
Gadget Review on MSN

Bitwarden confirms compromise: What 10 million users need to know

Bitwarden confirmed a 93-minute CLI tool breach affecting only 334 users while password vaults remained secure and encrypted ...
Geeky Gadgets

Why your private GitHub repos may not be as secure as you think

Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely. This ...
Dark Reading

Millions of Malicious Repositories Flood GitHub

Cyberattackers in just the last few months have registered more than 100,000 — but by some estimates more than a million — malicious copycat repositories on GitHub. The "repo confusion" scheme is ...

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic executives said it was an accident and retracted the bulk of the takedown notices.
Dark Reading

Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking

Millions of enterprise software repositories on GitHub are vulnerable to repojacking, a relatively simple kind of software supply chain attack where a threat actor redirects projects that are ...