SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...

Tangled announces $4.5M round to build GitHub alternative built on Bluesky’s AT protocol

Founded in 2025, Tangled develops a next-generation federated social coding platform built atop the AT protocol. The Authenticated Transfer protocol is the same decentralized network paradigm that ...
InfoWorld

GitHub readies agents to automate repository maintenance

A technical preview promises to take on the unrewarding work in DevOps, but questions remain about controls over costs and access.

Gentoo dumps GitHub over Copilot nagware

Repo mirrors now open for business Gentoo's official migration from Microsoft-owned GitHub to Codeberg is underway, as the Linux distribution fulfills a pledge to ditch the code shack due to ...
DIGITIMES

Chinese IC design house hit by open-source license dispute after GitHub freezes code

China IC design firm Rockchip is facing an open-source licensing dispute after GitHub reportedly froze code repositories linked to its projects, drawing attention across the semiconductor and software ...

Go library maintainer brands GitHub's Dependabot a 'noise machine'

When a one-line fix triggers thousands of PRs, something's off A Go library maintainer has urged developers to turn off ...
Security Boulevard

Shifting Security Left for AI Agents: Enforcing AI-Generated Code Security with GitGuardian MCP

In this article, we will explore the hot topic of securing AI-generated code and demonstrate a technical approach to shifting ...
The Hacker News

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risks.
Cybernews

Unprecedented GitHub hacking spree: “security research” AI bot compromises major repos from Microsoft, Datadog, and others

Five major GitHub repositories targeted by the autonomous AI bot “hackerbot-claw” were compromised through various injection and exploitation techniques.

Too much Copilot: Gentoo switches from GitHub to Codeberg

The operators of Gentoo Linux have opened a presence on Codeberg, a platform competing with GitHub. They cite GitHub Copilot as the reason.