News

Attack via GitHub MCP server: Access to private data
The official integration of the Model Contet Protocol in GitHub can expose private information if used carelessly.
WinBuzzer2d
GitHub Copilot Ecosystem Hit by Critical MCP Server Security Flaw
GitHub's Model Context Protocol (MCP) has a critical vulnerability allowing AI coding agents to leak private repo data.
Bleeping Computer1mon
GitHub expands security tools after 39 million secrets leaked in 2024
GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...
These fake GitHub "security alerts" could actually let hackers hijack your account
Security researchers spot new phishing campaign targeting GitHub users A fake "security alert" GitHub account was notifying users of suspicious logins The links in the notification all point to a ...
TechCrunch1y
GitHub’s latest AI tool can automatically fix code vulnerabilities
This new feature is now available for all GitHub Advanced Security (GHAS) customers. Code-scanning autofix in GitHub Copilot. Image Credits: GitHub “Just as GitHub Copilot relieves developers ...
InfoQ2mon
How GitHub Leverages CodeQL for Security
GitHub’s Product Security Engineering team secures the code behind GitHub by developing tools like CodeQL to detect and fix vulnerabilities at scale. They’ve shared insights into their ...
Hackaday2y
This Week In Security: Github, Google, And Realtek
GitHub Desktop may have stopped working for ... If nothing else, it’s a reminder that even a project with a well run security team can have problems. There’s a new, clever attack on the ...
TechRepublic1y
GitHub Universe: Open Source Trends Report and New AI Security Products
GitHub Universe: Open Source Trends Report and New AI Security Products Your email has been sent GitHub Advanced Security gains AI features, and GitHub Copilot now includes a chatbot option.