GitHub is finally tightening up security around npm following multiple attacks

Furthermore, GitHub announced it would deprecate legacy classic tokens, as well as time-based one-time password (TOTP) 2FA, forcing users to m ...
GIGAZINE

GitHub tokens leaked from prominent open source projects from Google and Microsoft

It has been discovered that GitHub authentication tokens have been leaked from several well-known open source projects on GitHub, including those from Google, Microsoft, Amazon Web Services (AWS), and ...
Bleeping Computer

GitHub can now auto-block commits containing API keys, auth tokens

GitHub has announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically. Secret scanning is ...
ZDNet

GitHub enables two-factor authentication mechanism through iOS, Android app

GitHub announced that two-factor authentication will be available to all users through GitHub Mobile this week. In a blog post, GitHub's Berk Veral said GitHub Mobile 2FA will be available to all ...
ZDNet

GitHub pushes users to enable 2FA following end of password authentication for Git operations

GitHub is urging its base of users to enable two-factor authentication as the platform shakes up how it protects accounts from compromise. Everyone needs a password manager. If you're willing to pay a ...

After major npm attack: Github tightens security measures

GitHub has unveiled a comprehensive plan to improve npm (Node Package Manager) security. The measures are a direct response to the major npm attack in mid-September, in which self-replicating malware ...

GitHub moves to tighten npm security amid phishing, malware plague

GitHub, which owns the npm registry for JavaScript packages, says it is tightening security in response to recent attacks.

GitHub acts on npm security after Shai-Hulud worm attack

Microsoft-owned repository GitHub has responded to recent node package manager (npm) attacks such as the Shai-Hulud ...