GitHub Copilot’s price shakeup could end cheap AI coding as we know it
It was fun while it lasted, but it’s starting to look like the end for flat-rate AI plans as we know them, with GitHub being the first to turn out the lights. Just a week…
GitHub
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Last week, cybersecurity researchers uncovered a hacking campaign targeting iPhone users that used an advanced hacking tool called DarkSword. Now, someone has leaked a newer version of DarkSword and published it on the code sharing…
Supply-chain attack using invisible code hits GitHub and other repositories
Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to detect such threats. The researchers, from firm Aikido Security, said Friday…
Home Depot exposed access to internal systems for a year, says researcher
A security researcher said Home Depot exposed access to its internal systems for a year after one of its employees published a private access token online, likely by mistake. The researcher found the exposed token…
Salesloft says Drift customer data thefts linked to March GitHub account hack
Salesloft said a breach of its GitHub account in March allowed hackers to steal authentication tokens that were later used in a mass-hack targeting several of its big tech customers. Citing an investigation by Google’s…
GitHub abused to distribute payloads on behalf of malware-as-a-service
Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to targets. The use of GitHub gave the malware-as-a-service…
Hundreds of Minecraft mods on GitHub are infested with hard-to-spot spyware
Let’s say, as a thought experiment, that you’re a malware developer. You can choose to target specific groups of people to distribute your nefarious payloads. You might just go for a scattershot approach, but that’s…
Copilot exposes private GitHub pages, some removed by Microsoft
Microsoft’s Copilot AI assistant is exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent and, ironically, Microsoft. These repositories, belonging to more than 16,000 organizations,…
Thousands of exposed GitHub repos, now private, can still be accessed through Copilot
Security researchers are warning that data exposed to the internet, even for a moment, can linger in online generative AI chatbots like Microsoft Copilot long after the data is made private. Thousands of once-public GitHub repositories…
Thousands of exposed GitHub repositories, now private, can still be accessed through Copilot
Security researchers are warning that data exposed to the internet, even for a moment, can linger in online generative AI chatbots like Microsoft Copilot long after the data is made private. Thousands of once-public GitHub repositories…