Search results for tag #github
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/110/560/511/618/170/134/original/4f33ba36608d1311.png)
New.
"The emails contained links to GitHub repositories masquerading as technical assignments or cryptocurrency-related projects. The instructions encouraged the target to clone the repository and open it in an editor such as VS Code or Cursor. A pre-configured task executes silently when the user opens the repository folder in the IDE, triggering platform-specific loaders that decode embedded payloads on Linux, macOS, and Windows."
Proofpoint: Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency https://www.proofpoint.com/us/blog/threat-insight/dont-fear-repo-unkdeaddrop-phishing-campaign-targets-developers-steal #threatresearch #infosec #phhishing #GitHub #Linux #MacOS #Windows11
![[?]](https://cache.treehouse.systems/accounts/avatars/110/628/855/321/239/565/original/02818afb40ed82f7.jpeg)
Another thing I love about #GitHub is how applying review comments adds random CRs to a LF-only file. Thank you, #Microsoft, that definitely makes sense.
https://github.com/conda-forge/conda-smithy/pull/2568/changes/d4ac9d147ffd3e8fee38c448afba89faf1e919ff
https://github.com/conda-forge/conda-smithy/pull/2568/changes/7a31c84099422b9d4bbaee9686025df00c4bac94
(Yes, of course they don't show on UI.)
![[?]](https://nbg1.your-objectstorage.com/tno-mastodon/accounts/avatars/111/434/264/745/920/273/original/52ff85db085a2a1d.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/113/247/756/313/164/165/original/70ea71b3dff2cf65.jpg)
This is intended to introduce a unique approach in client-side managed secure cryptography. We can avoid registration of any sort.
Features:
PWA
P2P
End to end encryption
Signal protocol
Post-Quantum cryptography
Multimedia
File transfer
Video calls
Local-first
No registration
No installation
No database
TURN server
https://www.reddit.com/r/positive_intentions
#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics #P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging #PWA
Alt...
Send Messages Securely. No cloud. No trace.
Decentralized P2P encrypted messaging - No setup required
![[?]](https://cdn.fosstodon.org/accounts/avatars/000/000/001/original/8f82f81f058d509e.png)
Lawmakers Demand Answers as #CISA Tries to Contain Data Leak
https://krebsonsecurity.com/2026/05/lawmakers-demand-answers-as-cisa-tries-to-contain-data-leak/
![[?]](https://files.mastodon.social/accounts/avatars/114/368/991/106/654/640/original/4055052cf2bcf4e8.png)
Discord now enables default end-to-end encryption for voice and video across DMs, group calls, channels and Go Live streams using the open-source DAVE protocol. 🔐
Externally audited encryption keeps keys on user devices, while unsupported clients are blocked and text messages remain server-accessible. 🛡️
🔗 https://cybersecuritynews.com/discord-end-to-end-encryption-default/
#TechNews #Discord #E2EE #Encryption #DAVE #OpenSource #Privacy #Cybersecurity #WebRTC #FOSS #Security #Linux #Gaming #Mozilla #GitHub #Audit #Games #Game
![[?]](https://media.bsd.cafe/bsdmmedia01/accounts/avatars/110/897/841/857/820/580/original/440da7fe4ff168a8.webp)
Мой сонный разум породил подходящий рекламный слоган для #GitHub в последнее время:
«Я часть той силы, что вечно обещает SLA, но вечно производит баги».
#GitHub is going great.
Remember the issue where PRs wouldn't show up on repositories? Well, it turns out it wasn't fixed at all. #Microsoft just "resolved" the incident and is rejecting all reports about it now.
https://github.com/conda-forge/amplitude-analytics-feedstock/pulls is one example when you can't see the PRs.
#Grafana says stolen #GitHub token let hackers steal codebase
#privacy #cybersecurity #DataBreach #analytics #TeamPCP #npm #ShaiHulud
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/292/308/621/808/343/original/755a13b4323a9c58.jpg)
The GitHub breach last night was worse than reported. 4000 or so private repos for sale on Tor. LAPSUS$ is claiming it's for sale already but it isn't on their release site.
https://thehackernews.com/2026/05/github-investigating-teampcp-claimed.html?m=1
![[?]](https://jws.social/fileserver/01RPBQ261M2STKJY1GKDTWTVGH/attachment/original/01J01PNVPWFFAGA03CY77XEATK.png)
Well, that isn't great.
"GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension.
The company has since removed the unnamed trojanized extension from the VS Code marketplace and has secured the compromised device."
![[?]](https://s3-eu-central-1.amazonaws.com/mastodon-aral/accounts/avatars/000/000/001/original/0d9c2e06a0f43906.png)
RE: https://techhub.social/@Techmeme/116606089296164399
Remember this whenever you hear claims that your data is secure on some system or other that you do not own and control.
Like all that additional data governments want to gather via the slippery slope of “age verification” in the EU.
The only data that is actually secure on a third party is data you haven’t shared with the third party.
Hence: data minimisation.
Had I mentioned GDMR yet today? Because I feel I might have. But hey, here it is again:
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/287/004/308/114/569/original/602782bbf5d0d8fe.png)
info on the github breach appears to only be available on xitter 🙄 , I fished it out for you.
Alt...
post from github on May 20th, 2026:
We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.
![[?]](https://soc.octade.net/octade/s/3f7f2b5eda4e392867c301c49c2daa16.png)
Forgejo: https://forgejo.org ...
"Forgejo is a Free Software platform for collaboration and productivity in software development. It offers a familiar environment to GitHub users, easy installation and maintenance, and a focus on security, scaling, federation and privacy."... or cgit, which is very fast and slick for the barebones portal ...
... codeberg has a nice setup (via forgejo) if you don't want to self-host.
#git #forgejo #scm #vcs #sources #source #code #vps #gitlab #github #codeberg #hosting
Everyone loves jeering at vibecoded #GitHub being down all the time. Yet for some reason people still neglect to question making #Microsoft the primary guarantor of their software's supply chain #security. And the whole attestation nonsense that doesn't really protect against the most likely attack vectors.
![[?]](https://files.mastodon.social/accounts/avatars/000/199/851/original/21292f83459dd19d.png)
Netherlands is quietly moving away from GitHub. 🇳🇱👩💻
![[?]](https://cdn.fosstodon.org/accounts/avatars/109/377/947/499/982/783/original/82c7cbab7a35bd34.jpg)
How to setup a self-hosted #git server at home using just #cli and #ssh, without using #gitea or #gogs , so you can migrate your personal projects away from #Bitbucket or #github or #gitlab https://vikaskumar.org/2026/05/01/setup-self-hosted-git-server.html
I have been using GitHub (https://github.com/steinbring) for a long time, and I have been seeing a lot of people dunking on it lately (e.g., https://mitchellh.com/writing/ghostty-leaving-github) because of its many failings. I don't think that something like Codeberg (https://codeberg.org) or Bitbucket (https://bitbucket.org) is the answer because there is still a central point of failure and hosting bills to pay. I like the fact that things like ForgeFed (https://forgefed.org) and tangled (https://tangled.org) exist to at least federate comms.
I really don't know what the answer is.
Seriously considering a switch from #GitHub to #Codeberg after reading the post below, but I'm not sure I have the energy for it.
![[?]](https://cdn.masto.host/retrogaidencom/accounts/avatars/112/283/663/085/854/935/original/7a20d4ee27d520bb.png)
If anybody here happens to have a GitHub account, it would help a great deal to drop Pearl a star. Right now, the project is buried in search despite having a (small but present) user base and being actively maintained.
No pressure of course, but it would help a lot!
https://github.com/pdschneider/Pearl
#github #pearl #software #ai
![[?]](https://media.tkz.one/tkz/accounts/avatars/116/440/523/171/324/917/original/8f6f303f8a358063.jpg)
System76 founder Carl Richell says Colorado’s SB26-051 may be amended to exempt open source software, including OSs, repos, and containers. 🏛️
The change follows advocacy, but wider state and federal proposals still risk verification rules that could limit open access and user control. 🔐
🔗 https://itsfoss.com/news/colorado-age-attestation-bill-open-source-exemption/
#TechNews #Linux #OpenSource #System76 #Colorado #Privacy #FOSS #GitHub #GitLab #Docker #Podman #Security #Policy #Freedom #Regulation
![[?]](https://cdn.masto.host/indiewebsocial/accounts/avatars/112/536/017/792/352/435/original/a07c2813d5f4cabd.png)
⭐ Inside GitHub's Fake Star Economy
「 Stars sell for $0.03 to $0.85 each on at least a dozen websites, Fiverr gigs, and Telegram channels - no dark web required
VCs explicitly use stars as sourcing signals: Redpoint found the median star count at seed is 2,850, and firms run automated scrapers to find fast-growing repos 」
https://awesomeagents.ai/news/github-fake-stars-investigation/
![[?]](https://files.mastodon.online/accounts/avatars/109/277/927/349/683/391/original/aac58e481bc1a913.png)
@jonn_blanchard pretty sure you’re more likely to get hacked or scammed by visiting #github these days. The way the world is going, Github will be marked NSFW in most European workplaces.
![[?]](https://fe.upload.disroot.org/media/f7c029f9dff5af946bc869b1abf96a8e120ab768990036d1a0222548cf526495.png)
!!! ALL HAIL THE VAN PANTHER !!!
Click on, "Show More" or "Read More" to get the links!
DESCRIPTION - "Today we look at the overuse of AI and ask if a chatbot would be make a better boss than a human, but the therapists asked that about an AI girlfriend. We look at these and the news related to privacy and security."
!!! NOTE !!! This post is best viewed on a PC. Switched To Linux is, “written by a broad spectrum computer consultant to help people learn more about the Linux platform.” This account is a supporter of Switched To Linux and provides convenience posts of thumbnails art, videos and streams.
#SwitchedToLinux #Linux #Windows #Mac #Technology #Tech #AltTech #Privacy #Private #Security #Secure #FOSS #FreeAndOpenSource #FreeAndOpenSourceSoftware #FreeOpenSourceSoftware #YouTube #Odysee #Rumble #BitChute #Locals #Patreon #DLive #Twitch #AltTech #FactCheckTrue #Fediverse #SocialMedia #AI #chatbots #github
!!! Tell us what you think by filling out a "SATISFACTION SURVEY or ABUSE/SPAM REPORT" form from Teh AnKorage !!!
https://cryptpad.disroot.org/form/#/2/form/view/elsOVQUrXAmGuer4kd75JhA3mNELuCj8cTjEUynrZZo/
\*Videos and podcasts may take a considerable amount of time to post. If it is not present, it will be, soon(tm).
#YouTube -
https://www.youtube.com/@SwitchedtoLinux/videos
#Odysee -
https://odysee.com/@switchedtolinux:0?view=content
#Rumble -
https://rumble.com/c/SwitchedToLinux/videos
#Bitchute -
https://www.bitchute.com/channel/uf9hzD216LX0
Keep an eye out for a possible podcast!
PODCAST: https://podcast.switchedtolinux.com
IT'S HAPPENING
GITHUB, THE FIRST ENTERPRISE CLOUD SOLUTION TO REACH ZERO NINES RELIABILITY
https://mrshu.github.io/github-statuses/
Alt...
uptime graph reading: 95 incidents in last 90 days - 89.91% uptime
Alt...
classic meme image: "it's happening" with Ron Paul laser show
![[?]](https://files.mastodon.social/accounts/avatars/000/207/529/original/54f1c149bd7d41f1.jpg)
🚨 OPT OUT & say NO to #GitHub using your interaction data to train & improve its AI models. 🚨
GitHub is the next company to choose to opt you into having your data used - by default. 🚩
Opt out in Settings --> Copilot --> Features.
Under "Allow GitHub to use my data for AI model training" -→ Disabled.
It recently announced that if you do not opt out before April 24th, it will use your interaction data when using Copilot.
Alt...
GitHub users -Opt out now. Screenshot of GitHub CoPilot Privacy Settings. Allow GitHub to use my data to for AI model training.
Alt...
Opt out in Settings --> Copilot.
Alt...
Click Disabled.
Alt...
Features --> Privacy ---> Under Allow GitHub to use my data for AI model training -→ Click enabled.