Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...

GitHub is now also a CVE CNA and can issue its own CVE numbers for bugs disclosed in projects hosted on the platform.

GitHub is extending its Projects tool for project management to support entire organizations as they collaborate on software development.

GitHub is now popular enough for other companies to start building services around it. One of the latest projects that aims to make working with GitHub faster and easier is ZenHub. With ZenHub ...

GitHub, the popular open-source development community site, is finally getting its licensing act together. It's high time since Black Duck has found that 77-percent of GitHub projects have no ...

What are the hottest projects on GitHub? With some help from the GitHub Archive, FastCoLabs tracked down the most starred, forked, and watched projects so far this year.