GitHub
-
Blog
Malicious GitHub repositories target users with malware
McAfee has uncovered new malware that’s being used to target GitHub users with infostealing malware. The security firm said it found several GitHub repositories offering video game hacks, cracked software, and free crypto tools that were not what they seemed. They included game hacks for top-selling video games such as Apex Legends, Minecraft, Counter Strike 2.0, Roblox, Valorant, Fortnite, Call…
Read More » -
Blog
Why You Should Keep All Your Linux Dotfiles on GitHub
Summary Managing dotfiles with git can save time and provide a robust backup option. Storing dotfiles in a version control system (VCS) like git can ensure a consistent setup across multiple machines. Using GitHub to host dotfiles allows for easy sharing and collaboration. Dotfiles are an accessible, powerful way of configuring your Linux system. But how do you keep track…
Read More » -
Blog
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The tactic isn’t novel, as there have been multiple documented cases of malicious tools disguised as PoC exploits on GitHub. However, this case, discovered by Trend Micro, highlights that threat actors continue to use the…
Read More » -
Blog
Over 3.1 million fake “stars” on GitHub projects used to boost rankings
GitHub has a problem with inauthentic “stars” used to artificially inflate the popularity of scam and malware distribution repositories to appear more popular, helping them reach more unsuspecting users. Stars are similar to “Like” buttons on social media sites, allowing GitHub users to favorite a repository. GitHub uses the stars as part of a global ranking system and to show you related…
Read More » -
Blog
GitHub just launched a new free tier for its Copilot coding assistant – but only for a select group of developers
GitHub has launched a new free tier of its Copilot AI coding assistant for developers using the Visual Studio Code (VS Code) developer environment. There are limitations, however, and the free offer is intended for occasional users rather than full-time developers, which currently pay $10 a month for access to the AI-powered tool. The offer includes 2,000 code completions and…
Read More » -
Blog
GitHub says Copilot improves code quality – but are AI coding tools actually producing results for developers?
Software development has frequently been identified as an area ripe for improvement through generative AI adoption, but a recent study has challenged perceptions around how beneficial AI coding tools are for developers. The data science team at software development specialists Uplevel looked into the impact generative AI coding assistants are having on the efficiency and efficacy of developers. The investigation…
Read More » -
Blog
GitHub projects targeted with malicious commits to frame researcher
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker’s true intentions. ‘Innocent looking PR’ caught injecting backdoor On Tuesday, Alex Cheema, co-founder of EXO Labs warned everyone…
Read More » -
Blog
Python just brushed past JavaScript to become the most popular programming language on GitHub – and a key factor is that AI developers love it
Python has overtaken JavaScript to become the most popular programming language on GitHub, according to new figures released by the firm, largely thanks to the rise of machine learning and generative AI. The coding platform revealed that there are now 518 million projects on GitHub, up by a quarter year-on-year, with 5.2 billion contributions to projects over the course of…
Read More » -
Blog
“There is no one model to rule every scenario”: GitHub will now let developers use AI models from Anthropic, Google, and OpenAI
GitHub Copilot is going multi-model, with the company unveiling a raft of new options for developers to draw from. Developers will now have the option of using Anthropic’s Claude 3.5 Sonnet, Google’s Gemini 1.5 Pro, and OpenAI’s GPT-4o, o1-preview, and o1-mini. They can either go with Copilot’s default, or toggle between models during a conversation with Copilot Chat about the…
Read More » -
Blog
Winamp’s Code Pulled From GitHub Following Messy Release
The open-source release of Winamp, a popular audio player, has gone particularly badly. It has been deleted from GitHub, possibly due to the controversy and confusion surrounding it. Llama Group, the current owner of Winamp, released the source code in September 2024. After many issues, Llama Group deleted the entire Winamp repository from GitHub. This comes after a lot of…
Read More »