The Register on MSN

700+ self-hosted Gits battered in 0-day attacks with no fix imminent

More than half of internet-exposed instances already compromised Attackers are actively exploiting a zero-day bug in Gogs, a ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
ZDNet

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
Bleeping Computer

GitHub now can auto-block token and API key leaks for all repos

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories. Today's announcement comes after the company introduced push ...

Public GitLab repositories exposed more than 17,000 secrets

After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed ...
Security Boulevard

Shai-Hulud 2.0: over 14,000 secrets exposed

On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian ...
TheServerSide

Why GitHub renamed its master branch to main

Since its inception, the Git DVCS tool's default branch name was set to master. Every Git repository had a master branch unless a developer took explicit steps to remove it, which was rarely ever done ...
Forbes

How To Clean Up And Reduce The Size Of A Git Repository

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. Git version control enables software development engineers to save versions of code, access ...