News

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
CSOonline1y

Python GitHub token leak shows binary files can burn developers too

Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub. A personal ...
TheServerSide3y

Was GitHub's password authentication removal an overstep?

Community driven content discussing all aspects of software development from DevOps to design patterns. I can’t help but think GitHub went a little too far with its removal of password based ...