The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
SecurityWeek

GitHub Boosting Security in Response to NPM Supply Chain Attacks

In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and ...
InfoWorld

GitHub’s all-in bet on AI may overlook Git

Did GitHub just jump the shark? At GitHub Universe last week, GitHub CEO Thomas Dohmke declared, “Just as GitHub was founded on Git, today we are re-founded on Copilot,” essentially telling developers ...
Cyber Daily

GitHub to address npm supply chain as CISA warns of spreading Shai-Hulud worm

Popular code repository GitHub is taking action against hackers targeting popular JavaScript code packages to spread malware.
TechCrunch

Four years after being acquired by Microsoft, GitHub keeps doing its thing

It’s been four years to the day since Microsoft closed its acquisition of GitHub, which at the time was mostly a code repository. Today’s GitHub looks quite a bit different, now that it added CI/CD ...
TheServerSide

Why GitHub renamed its master branch to main

Since its inception, the Git DVCS tool's default branch name was set to master. Every Git repository had a master branch unless a developer took explicit steps to remove it, which was rarely ever done ...
Ars Technica

GitHub will be folded into Microsoft proper as CEO steps down

Microsoft has owned GitHub since 2018, but the widely used developer platform has operated with at least a little independence from the rest of the company, with its own separate CEO and other ...