Anthropic says its leak-focused DMCA effort unintentionally hit legit GitHub forks

“The repo named in the notice was part of a fork network connected to our own public Claude Code repo, so the takedown ...

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

On Tuesday, a software engineer discovered that Anthropic had, seemingly by accident, included access to the source code for ...
ET CIO

Top 7 Data Engineering Tools for DevOps Teams in 2026

Discover the top data engineering tools that will revolutionize DevOps teams in 2026. Explore cloud-native platforms designed ...
InfoWorld

Context Hub vulnerable to supply chain attacks, says tester

The new AI tool highlights the risk when developers point their bots at non-authoritative information sources, with ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...
Bleeping Computer

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. Secret scanners are specialized utilities that ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical assessment materials.
tech2geek

The Ultimate Guide to the .github Folder: Automate, Organize, and Scale Your GitHub Repositories

If you’ve ever browsed a well-structured repository, chances are you’ve seen a mysterious little folder sitting quietly at the root: .github. It may look harmless, but this directory is one of the ...
InfoWorld

GitHub readies agents to automate repository maintenance

A technical preview promises to take on the unrewarding work in DevOps, but questions remain about controls over costs and access. GitHub is readying a new feature to automate some of the most ...
InfoQ

GitHub Agentic Workflows Unleash AI-Driven Repository Automation

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Soroosh Khodami discusses why we aren't ready ...