The Hacker News

Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...
InfoQ

GitHub Expands Copilot Ecosystem with AgentHQ

GitHub has announced AgentHQ, a new addition to its platform that aims to unify the fragmented landscape of AI tools within ...
InfoWorld

TypeScript rises to the top on GitHub

The strongly-typed language recently overtook both JavaScript and Python as the most used language on GitHub, with the rise ...

Leading AI companies keep leaking their own information on GitHub

AI companies have had a pretty rocky history with cybersecurity and data privacy, and new research from Wiz shows this still ...

JFrog Named GitHub’s 2025 Tech Partner of the Year, Powering the Future of DevSecOps, and AI Together

JFrog Ltd. (Nasdaq: FROG), the Liquid Software company and creators of the award-winning JFrog Software Supply Chain Platform ...

10 Key Takeaways From GitHub Octoverse 2025 Report

The timing of the Octoverse 2025 report release during the conference proved strategic, as it provided attendees with ...
SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
Security Boulevard

Scanning GitHub Gists for Secrets with Bring Your Own Source

Developers treat GitHub Gists as a "paste everything" service, accidentally exposing secrets like API keys and tokens. BYOS lets you scan and monitor these blind spots.
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...

Apple accidentally leaks new web App Store front-end source code, ends up on GitHub

Just hours after Apple launched a new web interface for the App Store, its front-end source code ended up on GitHub.

GitHub Agent HQ explained: How it aims to create specialized AI agents for developers

When GitHub Copilot first landed on developers’ screens in 2021, it felt like a quiet revolution – a coding partner that ...
CSO Online

AI startups leak sensitive credentials on GitHub, exposing models and training data

Experts say the leaks highlight how fast-growing AI firms may be prioritizing innovation over basic DevSecOps hygiene, ...