GitHub has awarded a researcher $18,000 for disclosing a security flaw in GitHub Enterprise which could have lead to remote code execution. According to independent German researcher Markus Fenske ...

Whenever a user clones this repository, because of the way Git clients handle this malicious Git submodule may allow an attacker to execute code on users' systems. Git 2.17.1, released last night ...

A new cybersecurity campaign has exposed 67 trojanized GitHub repositories, targeting gamers and developers with malicious ...

A severe vulnerability has been patched in Git software source code to prevent remote code execution attacks being launched at users. The bug, which is industry-wide, was disclosed on Tuesday. Git ...

Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising ...

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by ...

Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting novice cybercriminals and video game cheaters looking to get their hands ...

Git has since released a couple of additional versions, so to be on the safe side, make sure you’re running the latest version of Git - 2.39.1.

Two vulnerabilities affecting Git's commit log formatting and .gitattributes parsing in Git versions up to and including Git 2.39 have been recently patched. Both may lead to remote code execution, so ...

A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and ...