InfoQ

GitHub Revoked Compromised and Unsecure SSH Keys

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
ZDNet

GitHub shifts away from passwords with security key support for SSH Git operations

When you add a security key to SSH operations, you can use these devices to protect you and your account from accidental exposure, account hijacking, or malware, GitHub security engineer Kevin Jones ...
Threat Post

Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug

An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the ...
Ars Technica

Assume your GitHub account is hacked, users with weak crypto keys told

GitHub has revoked an unknown number of cryptographic keys used to access accounts after a developer found they contained a catastrophic weakness that came to light some seven years ago. The keys, ...
Hackaday

TruffleHog Sniffs Github For Secret Keys

Secret keys are quite literally the key to security in software development. If a malicious actor gains access to the keys securing your data, you’re toast. The problem is, to use keys, you’ve got to ...
CSO Online

New Shai-Hulud worm spreading through npm, GitHub

The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, ...