Morning Overview on MSN

A single 'git push' could hijack millions of GitHub repositories — and nobody knew for weeks

Sometime in early 2026, a flaw hiding inside one of the most routine actions in software development went live on the world’s ...

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

10 trillion downloads are crushing open-source repositories - here's what they're doing about it ...
CSOonline

4 tools to prevent leaks in public code repositories

Use these tools to find your company's exposed secrets in repositories such as GitLab, GitHub, or Google Cloud Build before attackers do. Secrets stored in Git repositories have been a thorn in the ...
Dark Reading

Dropbox Code Repositories Stolen in Cyberattack on GitHub-Based Developers

A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 ...
Bleeping Computer

Slack's private GitHub code repositories stolen over holidays

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...

FSFE warns: NHS should not depublish open-source code

The Free Software Foundation Europe warns against switching NHS code repositories to private due to fears of AI vulnerability ...
Bleeping Computer

Microsoft investigating claims of hacked source code repositories

Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data. Unlike many extortion groups ...
Dark Reading

'TrustFall' Convention Exposes Claude Code Execution Risk

Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no ...