GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, including internal source code.

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Multiple current and former Target employees have reached out to BleepingComputer to confirm that the source code and documentation shared by a threat actor online match real internal systems. A ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

Code sharing platform GitHub, which has over 150 million registered developers worldwide, announced on Wednesday that an unauthorised actor had gained access to its internal systems. A threat actor ...

Update, Jan 13th, 2026: Multiple Target employees have now confirmed in our follow-up report the authenticity of leaked source code sample set and shared internal announcements regarding an access ...

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

Developers who rely on GitHub Copilot inside Visual Studio Code now have a new option built entirely by Microsoft. The ...