GIGAZINE

It's by design that anyone can access deleted or private repositories on GitHub.

GitHub allows anyone to access forks and repositories that have been deleted or set to private, and this behavior is by design and not a flaw, open source security firm Truffle Security said in a blog ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...
Dark Reading

Hackers Post Dozens of Malicious Copycat Repos to GitHub

Cybercriminals continue to sneak malicious repositories onto GitHub. Typosquatting, dependency confusion, and other types of cyberattacks precipitated through malicious packages are old and common ...
Dark Reading

Millions of Malicious Repositories Flood GitHub

Cyberattackers in just the last few months have registered more than 100,000 — but by some estimates more than a million — malicious copycat repositories on GitHub. The "repo confusion" scheme is ...
TechSpot

More than 100,000 GitHub repositories found spreading malicious packages

Facepalm: GitHub serves as a colossal hub for software development, hosting nearly half a billion code projects created by hundreds of millions of developers worldwide. Given its extensive reach and ...

Key handover in the dark: Syncthing fork community raises alarm

The repository of the popular Syncthing fork for Android disappeared from GitHub and reappeared under dubious circumstances – is this an open-source hack?
How-To Geek on MSN

These 4 GitHub alternatives are just as good—or better

Prominent GitLab users include GNOME, F-Droid, and Inkscape. Gitea is another relative newcomer, with bug tracking, wiki ...