GitHub Archives | Page 3 of 3 | CyberScoop

GitHub

Salesloft confirmed the impact is much more severe and widespread. (imageBROKER/Timon Schneider/Alamy)

Salesloft Drift security incident started with undetected GitHub access

The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.

Sep 8, 2025 By Matt Kapko

Getty Images

Unverified code is the next national security threat

Congress and federal agencies can take some simple steps to better protect open-source software.

Jun 9, 2025 By Dan Lorenc

In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)

Lazarus Group deceives developers with 6 new malicious npm packages

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

Mar 12, 2025 By Matt Kapko

An Opened Orange Colored Lock Standing Out From Locked Green Colored Locks on Green Background Directly Above View. (Getty Images)

Hackers find 15,000 credentials by scanning for git configuration

The credentials are likely for future phishing and spam campaigns, Sysdig researchers said.

Oct 30, 2024 By Christian Vasquez

PARIS, FRANCE – JUNE 04: In this photo illustration the GitHub logo is seen on the screen of an iPhone in front of a computer screen showing a Microsoft logo on June 04, 2018 in Paris, France. (Photo Illustration by Chesnot/Getty Images)

GitHub patches critical vulnerability in its Enterprise Servers

The “severe” flaw could allow attackers full access to instances.

Oct 16, 2024 By Christian Vasquez

A laptop displays a message after being infected by a ransomware as part of a worldwide cyberattack on June 27, 2017. (Rob Engelaar / ANP / AFP)

Report: New ransomware gang emerges in Vietnam

Researchers discovered a new ransomware gang that appears to be in the early stages of their extortion campaigns.

Aug 7, 2023 By Christian Vasquez

Gladkikh sanctions — The Treasury Department in Washington, D.C., on March 31, 2022. (Photo by STEFANI REYNOLDS/AFP via Getty Images)

Why Tornado Cash sanctions are drawing fierce criticism, potential court challenge from crypto group

Sanctions against the cryptocurrency mixer have ignited concern from industry stakeholders, privacy advocates and legal experts.

Aug 15, 2022 By Tonya Riley

(Getty Images)

White House hosts open-source software security summit in light of expansive Log4j flaw

The meeting will combine tech leaders with feds.

Jan 13, 2022 By Tim Starks

coding — (getty)

Hackers try to bug PHP programming language in supply chain cautionary tale

79% of websites use PHP, according to one estimate.

Mar 29, 2021 By Sean Lyngaas

GitHub — (Flickr user Ben Nuttal)

GitHub removes researcher’s Exchange Server exploit, sparking industry debate

As debate over security research ethics rages on, so, too, do the compromises of organizations running vulnerable Exchange Server software.

Mar 11, 2021 By Sean Lyngaas