A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...

IT之家 8 月 5 日消息，GitHub 官方昨日（8 月 4 日）在 X 平台发布公告，宣布 GitHub Models 服务现在为每位 GitHub 用户提供免费、兼容 OpenAI 规范的 API ...

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve ...

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories.

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with ...

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...

GitHub has announced it will be bringing its secret scanning capability to more users in a bid to help public repository admins detect leaked secrets in their repositories before a breach happens.

"As with previously discovered vulnerabilities, GitHub.com will detect malicious repositories, and will reject pushes or API requests attempting to create them," The Git Project says.

Previously, only upgraded GitHub Pro accounts could create a private GitHub repository. This option is now available to all accounts -- but with a catch that can limit users.