Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.

Hackers breach GitHub and access 3,800 internal repositories now listed for sale

GitHub has said it found about 3,800 internal repositories accessed in the breach and stressed that these contained its own code rather than customer projects. The ...
Martin Cid Magazine

Megalodon turned GitHub Actions into a 5,561-repo backdoor in six hours

Researchers at SafeDep traced 5,718 malicious commits to 5,561 GitHub repositories, all pushed in a six-hour window on a ...
Krebs on Security

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

On May 18, KrebsOnSecurity reported that a CISA contractor with administrative access to the agency’s code development ...
The Hacker News

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Megalodon pushed 5,718 malicious GitHub commits in 6 hours, exposing CI secrets and cloud credentials at scale.
SecurityWeek

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack

Grafana says hackers compromised business contact information and downloaded its codebase as a result of the TanStack supply ...

New Open-Source Plugin Turns Complex Repositories Into Interactive Maps

Learn how the Understand-Anything Claude Code plugin transforms complex repositories into interactive knowledge graphs to ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
The Next Web

GitLab 19.0 bets that the real bottleneck in software delivery is everything after writing the code

GitLab 19.0 extends agentic AI across the full development lifecycle with SBOM dependency scanning, Claude Opus 4.7 support, and credit-based agent pricing.
Tech Times

Streambert Streams Free Movies Via Russia-Linked VidSrc Domains: Hollywood Coalition Already Shut Down Similar App

A desktop app that lets users stream any movie, TV series, or anime for free and without ads hit the top of GitHub’s global ...
Digital LeadersOpinion

Will Public Sector AI be a Digital Landlord or tenant?

Earlier this month, NHS England told its teams to make all code repositories private by default. The reason given: ...