Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...
The Hacker News2d
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
(CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.
This DOGE staffer’s GitHub posts might help us understand how Elon Musk wants to bring AI into the government
Jordan Wick’s GitHub posts reveal tools for analyzing federal employees and their digital histories, raising questions about ...