CSO Online

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...

GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed ...
The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
SecurityWeek

Critical GitHub Vulnerability Exposed Millions of Repositories

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

eScan Enterprise DLP Closes Critical GitHub Access Control Gap for Organizations

GitHub Team accounts leave enterprises exposed. eScan enforces corporate-only authentication across all GitHub tiers — ...

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...

GitHub and GitHub Enterprise Server: Code smuggling via push

In GitHub and GitHub Enterprise Server, attackers with push rights to repositories can inject malicious code. Updates fix ...
The Hacker News

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx data surfaced after March 23, 2026 supply chain attack, prompting repository lockdown and investigation, raising ...

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub ...

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

It has been a bad six weeks for security firm Checmarx. Over the past 40 days, it has been the victim of at least one ...
Geeky Gadgets

Why your private GitHub repos may not be as secure as you think

Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely. This ...