GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks.

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
Dark Reading

AI-Assisted Supply Chain Attack Targets GitHub

PRT-scan is the second campaign in recent months where a threat actor has leveraged AI for automated targeting of a ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
GovInfoSecurity

OpenAI's Coding Agent Flaw Exposed GitHub Passwords

Security researchers at BeyondTrust Phantom Labs discovered a critical flaw in OpenAI's Codex coding agent that allowed an ...