A popular automated code analysis tool, DeepSource, is designed to identify vulnerabilities, bugs, and performance issues. Also, for more convenience, it has integration with GitHub, and now the DeepSource developers talked about hacking their GitHub application. DeepSource reported this week that GitHub security had notified them of potentially malicious activity in June. “On July 11th,… Continue reading DeepSource Developers Talked about Hacking of Their GitHub Application
Tag: GitHub
Google Unveiled a Source Code for Tsunami Vulnerability Scanner
Google has unveiled the source code for the Tsunami scanner, a scalable solution for detecting dangerous vulnerabilities with a minimum of false positives. The scanner is aimed at large corporate networks consisting of thousands or even millions of Internet-connected systems. The code is already available on GitHub. Tsunami will not be registered as a Google… Continue reading Google Unveiled a Source Code for Tsunami Vulnerability Scanner
GitHub will replace the term “master” with a more neutral one
Nat Friedman, leading GitHub after acquiring Microsoft in 2018, said on Twitter that GitHub will replace the term “master” with a more neutral synonymous. For example, main, to avoid unnecessary references to slave times. If this really happens, GitHub will become one of the many IT companies and open source projects that in recent years… Continue reading GitHub will replace the term “master” with a more neutral one
Octopus Scanner Malware Found On GitHub
GitHub developers have issued a warning about the appearance of the new Octopus Scanner malware, which is distributed ton the site through malicious Java projects. Octopus Scanner was discovered in projects managed with the Apache NetBeans IDE, a tool used to write and compile Java applications. After a tip received in March from information security… Continue reading Octopus Scanner Malware Found On GitHub
GitHub warned users about phishing attack
Representatives of the GitHub web service warned users of a massive phishing attack called Sawfish. Recently, users more and more often receive phishing emails with fake warnings about suspicious activity of a recorded account or strange changes made to the repository or settings. “The links attached to such messages lead to a fake GitHub login… Continue reading GitHub warned users about phishing attack