The Hacker News

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...

AI Giants Accidentally Leaking Secrets on GitHub

Research by Wiz shows that industry titans, with combined valuations exceeding $400 billion, have left the equivalent of ...
CSO Online

AI startups leak sensitive credentials on GitHub, exposing models and training data

Experts say the leaks highlight how fast-growing AI firms may be prioritizing innovation over basic DevSecOps hygiene, ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...

Tech Moves: J&J exec joins logistics startup Auger; WTIA adds public policy leader; and more

Auger, a startup building logistics and supply chain software, named a new chief data and AI enablement officer while WTIA ...
SecurityWeek

Many Forbes AI 50 Companies Leak Secrets on GitHub

Wiz has analyzed GitHub repositories pertaining to the world’s largest AI companies and found that many had leaked verified ...
InfoQ

GitHub Expands Copilot Ecosystem with AgentHQ

GitHub has announced AgentHQ, a new addition to its platform that aims to unify the fragmented landscape of AI tools within ...

Leading AI companies keep leaking their own information on GitHub

AI companies have had a pretty rocky history with cybersecurity and data privacy, and new research from Wiz shows this still ...
Opinion
Database Trends and ApplicationsOpinion

Amplitude and GitHub Accelerate Product Development with Agent-to-Agent Integration

Amplitude, Inc., a leading digital analytics platform, is collaborating with GitHub to launch an agent-to-agent integration for enterprise product and engineering teams-enabling Amplitude to act as an ...
SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.

10 Key Takeaways From GitHub Octoverse 2025 Report

The timing of the Octoverse 2025 report release during the conference proved strategic, as it provided attendees with ...
Voice&DataOpinion

Intelligent observability: The answer to enterprise data overload

Opinion: In a world of data overload, Intelligent Observability helps tech teams break silos, unify workflows, and boost ...