
One day short of a full chain: Real world exploit chains explained
When it comes to security research, the path from bug to vulnerability to exploit can be a long one. Security researchers often end their research journey at the “Proof of…
When it comes to security research, the path from bug to vulnerability to exploit can be a long one. Security researchers often end their research journey at the “Proof of…
In this second post of the series, I’ll exploit a use-after-free in the Payment component of Chrome (1125614/GHSL-2020-165), a bug that I reported in September 2020 that only affected version 86 of Chrome, which was in beta. I’ll use it to escape the Chrome sandbox to gain privilege of a third party App on Android from a compromised renderer.
GitHub Advanced Security customers can now view their active committer count and the remaining number of unused committer seats on their organization or enterprise account’s Billing page. If Advanced Security…
In December 2020, we launched the public beta of GitHub Discussions, a collaborative communication forum that allows community members to ask and answer questions, share updates, and have open-ended conversations.…
As technology transforms the global economy, Dr. Bernice King, the CEO of the King Center for Nonviolent Social Change, is striving to make sure these new economic opportunities are available…
At GitHub, our community is at the heart of everything we do. We want to make it easier to build the things you love, with the tools you prefer to…
Today we are announcing a breakthrough: we have secured a license from the US government to offer GitHub to developers in Iran. This includes all services for individuals and organizations, private and public, free and paid.
Companies can now invest in open source with GitHub Sponsors! We’re launching GitHub Sponsors for companies in beta on December 8 (Tuesday) at Universe. Self-service (payment via credit card or…
Check out the latest announcements from GitHub Universe 2020, including dark mode, Sponsors for companies, improvements to Actions, dependency review, and more.
This article originally appeared in TechCrunch, and is republished here with permission. The Supreme Court heard arguments October 7 in Google v. Oracle. This case raises a fundamental question for…
Account and billing admins can now provide a list of email addresses to receive billing notifications, including threshold notifications for Actions and Packages. The email addresses may belong to users…
Until now, organization admins couldn’t view Actions and Packages billing history if the organization was part of an enterprise account. Now, organization admins can view that information so they can…
Have your team join Homebrew and JuliaLang, along with over 500 other organizations, in sponsoring open source projects, and the people behind them.
GitHub expanded license management is now in beta. GitHub Enterprise Server customers are now able to access their Enterprise Server licenses on GitHub. Locating the improved license management experience on…
Learn more about the Bug Bounty program, including a recap of 2019’s bugs, our expanded scope, new features, and more.
This quickstart guide walks you through several ways you can start pursuing funding for your open source work.
Starting today, GitHub Packages (formerly GitHub Package Registry) is generally available. The use of GitHub Packages is free for all public repositories, and every plan gets included storage and data…
Starting today, GitHub Actions is generally available. GitHub Actions are free for all public repositories, and every plan gets included storage and runner minutes for private repositories. Learn more about…
GitHub Sponsors now features a new streamlined onboarding and payment experience with Stripe Connect.
The GitHub Student Developer Pack doubles in size, offering nearly $45,000 in value to students.
We’re thrilled to announce the beta of GitHub Sponsors, a new way to financially support the developers who build the open source software you use every day. Open source developers build tools for the rest of us. GitHub Sponsors is a new tool to help them succeed, too.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Last chance: Save $700 on your IRL pass to Universe and join us on Oct. 28-29 in San Francisco.