GitHub is finally tightening up security around npm following multiple attacks

Furthermore, GitHub announced it would deprecate legacy classic tokens, as well as time-based one-time password (TOTP) 2FA, ...

GitHub notifications abused to impersonate Y Combinator for crypto theft

A massive phishing campaign targeted GitHub users with cryptocurrency drainers, delivered via fake invitations to the Y ...
SecurityWeek

GitHub Boosting Security in Response to NPM Supply Chain Attacks

In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and ...

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.