GitHub stories

GitHub launches security campaigns, now available for Advanced Security users, enhancing collaboration between developers and security teams to tackle security debt.

GitHub has launched new features for Copilot, enhancing control for developers with agent mode and premium options, including support for various AI models.

Elastic Security Labs has unveiled SHELBY, a sophisticated malware family linked to phishing attacks against an Iraqi telecom firm, raising security alarms.

Alibaba Cloud has unveiled the Qwen2.5-Omni-7B, a new multimodal AI model capable of processing various media types in real time, aimed at enhancing edge devices.

A recent cyber attack has compromised over 23,000 GitHub repositories, raising alarms over software supply chain security and the exploitation of trusted components.

A malicious commit in the tj-actions/changed-files GitHub Action, used in over 23,000 repositories, threatens software security across numerous CI pipelines.

GitHub is set to enhance security for developers by launching two standalone products, Secret Protection and Code Security, from April 2025.

Entro Security has unveiled a new integration with Google Workspace, enabling enhanced management of secrets and non-human identity risks in cloud applications.

GitHub has partnered with Endor Labs, integrating advanced security software to help developers swiftly identify and manage critical vulnerabilities within the platform.

Yandex has launched Perforator, an open-source tool that helps developers optimise server resource usage and potentially save millions in costs.

GitHub has unveiled significant updates to GitHub Copilot, introducing features aimed at boosting coding efficiency and collaboration for developers worldwide.

Appfire has acquired Flow, a prominent Software Engineering Intelligence platform, from Pluralsight, aiming to boost support for engineering teams.

GitHub has launched its Enterprise Cloud with local data residency in Australia, enabling regulated sectors to securely store their code while embracing cloud services.

CloudSEK has revealed a cyber threat impacting over 18,000 devices worldwide, targeting novice cybersecurity users with a malicious XWorm Remote Access Trojan builder.

Teleport has unveiled its Teleport 17 update, enhancing access control for large enterprises facing rising cloud security challenges amidst increasing breaches.

Carlsberg has enhanced its development processes by integrating GitHub's tools, streamlining coding and security while reducing operational tool sprawl.

CloudSEK has uncovered over 30,000 exposed Postman workspaces leaking sensitive API keys, affecting major firms across healthcare, finance, and sports sectors.

GitHub has surpassed 150 million developers and launched a free tier for its Copilot in Visual Studio Code, empowering users with enhanced coding tools.

Veracode has unveiled enhancements to its AI-powered coding solution, Veracode Fix, aiming to cut vulnerability remediation time drastically.

Microsoft has integrated Endor Labs' Software Composition Analysis into Defender for Cloud, enabling unified security from code development to runtime.