News

SecurityWeek2d

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
The Register on MSN10mon

Python dethrones JavaScript as the most-used language on GitHub

Yearly report finds explosion of GenAI projects, new users from outside the coding community responsible for boost There's been an upset in the Octoverse, as Python has unseated JavaScript as the most ...
InfoWorld10mon

Python has overtaken JavaScript on GitHub

Python has overtaken JavaScript as the most popular language on GitHub, while the use of Jupyter Notebooks also has skyrocketed on the site. The rise of both underscore the surge in data science, ...
TechCrunch5y

GitHub nabs JavaScript packaging vendor npm

GitHub, the developer repository owned by Microsoft, made a little deal of its own this morning when it bought JavaScript packaging vendor npm for an undisclosed amount. As GitHub CEO Nat Friedman ...
IT World Canada5y

Github acquires npm to aid JavaScript developers

The Microsoft-owned Github this week announced that is has acquired npm, a company with a large registry of JavaScript packages. Nat Friedman, Github’s chief executive officer, who made the ...