Search results for: Payment
Release Radar · October 2022 Edition
Before you say it, yes, the October Release Radar was supposed to be shared in November. But with Hackatoberfest, GitHub Universe, Turkey Day, and in real life (IRL) conferences returning…
An enterprise account is coming to all Enterprise customers
Administrators, or enterprise owners, have the increased responsibility of managing their account and keeping it secure. We are excited to introduce what is new with enterprise accounts and what is coming soon.
Advocating for developers to the US Copyright Office
How GitHub advocated for developer interests at the US Copyright Office technical measures consultations
13 tiny, terrific, and terrifying games to hack, slay, and play this Halloween 🧛🏻♀️
Some seriously spooktacular open source games for the web, Windows, macOS, and Linux with all sorts of fun hacks for infinite lives, invulnerability, and playing with time.
GitHub Team or Free? How to choose the right plan
Read about all the features you may not have known come on the GitHub Free plan, and how to choose the right plan for you.
Eight years of the GitHub Security Bug Bounty program
It was another record year for our Security Bug Bounty program. We’re excited to highlight some achievements we’ve made together with the bounty community from 2021!
Today’s most common security vulnerabilities explained
We’re taking a look at some of the most common security vulnerabilities and detailing how developers can best protect themselves.
Coordinated vulnerability disclosure (CVD) for open source projects
A comprehensive guide for vulnerability reporters.
What’s new from GitHub Changelog? October 2021 recap
A public beta of the new GitHub Issues, a “security manager” role for organizations, a command palette beta, and lots more.
GitHub Enterprise Cloud self-service organization upgrade to an Enterprise Account
GitHub Enterprise Cloud self-service organization upgrade to an Enterprise Account
GitHub keeps getting better for open source maintainers
Maintainers can now limit who can approve and request changes on pull requests. You can also close issues and block users via your phone.
Checkout.com and FullStory are now GitHub secret scanning partners
Checkout.com and FullStory are now GitHub secret scanning partners
The fugitive in Java: Escaping to Java to escape the Chrome sandbox
In this post, I’ll exploit a use-after-free (CVE-2021-30528) in the Chrome browser process that I reported to escape the Chrome sandbox. This is a fairly interesting bug that shows some of the subtleties involved in the interactions between C++ and Java in the Android version of Chrome.
One day short of a full chain: Real world exploit chains explained
When it comes to security research, the path from bug to vulnerability to exploit can be a long one. Security researchers often end their research journey at the “Proof of…
One day short of a full chain: Part 2 – Chrome sandbox escape
In this second post of the series, I’ll exploit a use-after-free in the Payment component of Chrome (1125614/GHSL-2020-165), a bug that I reported in September 2020 that only affected version 86 of Chrome, which was in beta. I’ll use it to escape the Chrome sandbox to gain privilege of a third party App on Android from a compromised renderer.
Advanced Security committer reporting and roll-out improvements
Advanced Security committer reporting and roll-out improvements
GitHub Discussions now available for private repositories
In December 2020, we launched the public beta of GitHub Discussions, a collaborative communication forum that allows community members to ask and answer questions, share updates, and have open-ended conversations.…
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
